Not all URLs are created equal. Malicious URLs are lurking in emails, text messages, social media posts, pop-up windows, and more. Scammers create and distribute these links and try to trick users like you into clicking. Once you get to their sites, you can be exposed to malicious software, viruses, and other dangerous content.
Dangerous links lead you to dangerous sites and put your data, your computer, and your network in harm’s way. And though it can be difficult to distinguish a safe URL from a malicious one, there are warning signs you can watch for. Keep these five points in mind when you come across an unknown URL:
1. The end of the domain is the most important part to check.
The domain portion of a URL is what gives you insight into the source of a link. The domain can be found after the http://; in longer links, the domain ends prior to the first /. For example, in the link http://google.com/maps, the domain is google.com.
Seems straightforward, right? Wrong. Scammers will doctor domains to make them seem like something they aren’t. In the example of http://google.com.cust_login.ie, the domain is cust_login.ie, not google.com. And in http://accounts_login.cz/google.com, the domain is accounts_login.cz, not google.com.
In the last two examples, you can see why a user might think they are linking to a Google site as opposed to a malicious site. That is why it’s important to check the space between the http:// and the first / and watch out for things that don’t belong.
2. Hyphens and symbols are common in malicious links.
Legitimate websites don’t often have hyphens or symbols in their domain names. As with the examples noted in point #1, scammers will use these elements along with known brands to try to trick you. For example, www.google.com isn’t the same as www.google-search.com.
3. Beware of domains that are entirely numbers.
Sometimes you will come across a domain that is shown just as an IP address (e.g., http://101.10.1.101). With links like this, you have no way of knowing the real owner of the domain. You should not click this type of URL unless you are familiar with the IP address and you know exactly where the link will take you.
4. Shortened URLs are URLs in disguise. Period.
With character limits on certain social media platforms, it’s common to see shortened URLs there. But they are also found in text messages, emails, and other media. Services like Tiny URL and Bitly take longer URLs and tie them to a URL with fewer characters. While convenient, the reality is that a shortened URL is a mask for another link. Be careful with these; like IP address domains, you can’t be certain of the true sources of the links.
5. Scammers can mask dangerous links with legitimate-looking links.
Scammers can embed dangerous URLs inside of legitimate-looking links, text, logos, and images. But you can see what’s hidden by mousing over these links. As you hover, compare the URL that appears on your screen to the URL that is visible. If there’s a significant difference or you see some of the warning signs in the hidden URL, avoid that link (and the email, website, or ad that contains it).
Bottom Line: Think Before You Click
Due diligence is the name of the game with URL safety. It’s about checking things you see and verifying what you don’t see. And it’s about clicking smart. If you aren’t familiar with a URL or you receive it in a message you weren’t expecting, do not click. When you’re unsure, the best option is to use a search engine to find a legitimate, reliable link.
©2008-2015 Wombat Security Technologies, Inc. All rights reserved.
FAQs
To find out if a link is safe, just copy/paste the URL into the search box and hit Enter. Google Safe Browsing's URL checker will test the link and report back on the site's legitimacy and reputation in just seconds. It's that easy to use Google's URL scanner.
How do I know if a URL is dangerous? ›
To find out if a link is safe, just copy/paste the URL into the search box and hit Enter. Google Safe Browsing's URL checker will test the link and report back on the site's legitimacy and reputation in just seconds. It's that easy to use Google's URL scanner.
What does a suspicious URL look like? ›
A suspicious root domain is one where the second-level domain and top-level domain do not match those of a reputable website. For example, in the link www.chase.com for Chase Bank, the word 'chase' is the second-level domain, and 'com' is the top-level domain.
What is an unsafe URL? ›
Unsafe sites are usually websites that trick you to do something dangerous online, like try to make you give away your passwords or personal information. They can harm your device or cause problems when you browse online. These sites may be: Phishing.
What are some signs that a link may be malicious or fake in KnowBe4? ›
Nearly all phishing emails and internet scams involve some type of malicious URL. Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist has outlined the most common types, and defenses against them, These include Look-alike Domains, Domain Mismatches, URL Shortening, URL Character Encoding, and much much more.
What is the most suspicious thing about the URL? ›
Keep these five points in mind when you come across an unknown URL:
- The end of the domain is the most important part to check. ...
- Hyphens and symbols are common in malicious links. ...
- Beware of domains that are entirely numbers. ...
- Shortened URLs are URLs in disguise.
Yes - visiting a website can lead to a virus or malware infection. A malicious site may download a virus to your computer without your consent or permission. And if your own website is hacked but you haven't noticed the infection yet, you may be distributing malware to site visitors without even knowing it.
What is list of suspicious URLs? ›
Dangerous websites list
- Ucoz. com.
- 17ebook. co.
- sapo . pt.
- aladel. net.
- bpwhamburgorchardpark. org.
- clicnews. com.
- Amazonaws .com.
- dfwdiesel. net.
If you click a phishing link sent via a spam or scam text message and share your personal information or account credentials your information could be at risk. As an immediate step, always change the password associated with the account credentials compromised by a scam.
What does a phishing URL look like? ›
Is the website looking sub-standard, for example low-quality images or branding (including logos) or poor spelling and grammar? This can signal that you're on a phishing website.
Other characters are unsafe because gateways and other transport agents are known to sometimes modify such characters. These characters are "{", "}", "|", "\", "^", "~", "[", "]", and "`". All unsafe characters must always be encoded within a URL.
What is a high risk URL? ›
The "high-risk" category is a non-malicious category that serves as an indicator of a URL's recent malicious associations. Since it is a non-malicious category, it is not recommended to block access to URL's/domains categorized as high-risk.
How to detect malicious URLs? ›
Check suspicious links by using a mixture of blacklists and deep machine learning by IPQS. Perform a domain phishing check for any URL with the latest IPQS threat data and real-time content analysis.
What is a malicious URL threat? ›
Malicious URLs host unsolicited content (spam, phishing, drive-by downloads, etc.) and lure unsuspecting users to become victims of scams (monetary loss, theft of private information, and malware installation), and cause losses of billions of dollars every year.
What are suspicious links? ›
What are Suspicious Links? In today's digital age, the reference of suspicious links relates back to the dangers of a potential cyber-attack, specifically a phishing or spear phishing attack. According to CSO, the goal of a phishing attack is to use email to fool the recipient into clicking on a fake link.
How do you know if a URL is secure? ›
A secure URL should begin with “https” rather than “http.” The “s” in “https” stands for secure, which indicates that the site is using a Secure Sockets Layer (SSL) Certificate. This lets you know that all your communication and data is encrypted as it passes from your browser to the website's server.
How do you check if a URL is good or not? ›
Here are a few ways you can check the safety of a link before you click on it.
- Hover your mouse over the link. ...
- Use a URL checker. ...
- Don't enter any data. ...
- Don't click on anything on the site. ...
- Disconnect from the internet. ...
- Do a full scan of your device using antivirus software. ...
- Keep an eye on your accounts.
A malicious URL is a link that leads to a website that is in some way dangerous to the user or their device. They are often used in phishing attacks to steal people's data or to inject their devices with malware.
How do you know if I clicked on a bad link? ›
Before anything, it is essential you confirm you interacted with a phishing link, which can be confirmed by inconsistencies in the sender's email address, links, and domains. Hovering your cursor over the link before clicking provides a preview of the URL, a domain that doesn't exist is likely to be a phishing link.
