SECURE, IN STYLE

Personal Style, Empathy, and Awareness in a Digital World | Security for the Soft-Spoken

phishing awareness in digital security

Is That Link Safe? Check It Before You Click It

Secure, In Style

Editor’s (my) note: I just wrote this for my work’s customer SharePoint wiki site that I created, so why yes, I am totally pilfering what I wrote there to put on my own blog. I wrote it, after all. 😁

We’ve all been there: receiving email after email demanding our attention, our time, and increasingly—our money. Their contents frequently introducing some kind of artificial time constraint to catch you off-guard and get you to click their links as quickly as possible.

Photo by Stephen Phillips – Hostreviews.co.uk on Unsplash

Inevitably, you’ll find a link buried inside to click in order to:

🚨 Accept a “refund”
🚨 Prevent a “fraudulent” charge
🚨 Prevent your account from being “disabled”

While you should always take a moment to be skeptical of these emails—especially the links contained therein—if you’re like me, you likely wonder whether those links are legitimate or not. Nowadays, simply hovering your mouse over the link may not give you the full picture of where that link will actually take you. They may start with something like:

https://microsoft.com

But the actual address might look something like:

https://microsoft.com.myevilwebsite.org/sign-in.html

Some Help Is Here

Today, companies and individuals are developing tools to help folks check the legitimacy of these links before they click to follow them. A few of these tools are:

🔗 – https://virustotal.com
🔗 – https://shouldiclick.org
🔗 – https://urlscan.io

How do they work?

You can copy and paste a link into these sites, and they will do the dirty work for you—open the link to see what happens. Think of them as a sort of digital bomb disposal service. Any malicious links will safely go “boom” in their sandbox, rather than potentially explode on you, ruining your computer and your day.

Here are some screenshots of the results of each site when checking the legitimacy of microsoft.com. As you can see, Should I Click and URLScan.io both even provide a screenshot image of the target link for further scrutiny.

virustotal.com
shouldiclick.org
urlscan.io

While these are great tools, they should not be relied upon to be the deciding factor. Pause for a moment—give these emails some much-needed attention. Ask yourself a few questions:

💭 Is this something I am/was expecting?
💭 Is the email trying to get me to do something immediately?
💭 Is the email trying to invoke some kind of emotional response in order to get me to act?

-Terry

,

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Discover more from Secure, in Style

Subscribe now to keep reading and get access to the full archive.

Continue reading