resilience

“Is that link phishy?”

Posted by resilience on

Ever wonder if a site or link or whatever is legit?

It’s not getting any easier to tell when a website, link, or attachment is ‘phishy’ meaning if it’s legit or something we want to avoid like, well, a plague (too soon?).

When we’re talking about links, it’s important to know that there are generally two types of links.

The first is the typical, old-school, regular ones start with the usual http(s)://whatever ending with .com, .net, .org, and many other possible (even vanity) Top-Level-Domains or TLDs for short, followed by the rest of the link that can often be very long.

To make these reaaaaaalllllly long links much shorter, many people use a link-shortening tool that does shorten them but the downside is it also obscures the full link, making it trickier to tell if one of these is legit or not. Links that have been shortened in this way typically look something like goo.gl/U7bks or bit.ly/KL4r and are easy to click on when we’re not thinking. That’s why criminals use them often.

To defeat their attempts to trick us, we can use some tools to stay safe and smart!

Typically, I start with VirusTotal –> https://www.virustotal.com/gui/

You can copy/paste links in there, upload potentially malicious attachments there (be careful with this one and be especially mindful you’re not uploading sensitive information, too), and/or search for URLs that may or may not be trouble.

There are other choices, of course, like URLVoid (and related tools), for example, and Trend Micro recently released this tool that checks for lots of nasty stuff and also has integrations with Chrome, WhatsApp, and Messenger:

We can type any link, full-length or shortened, and the tool will verify if it’s legit. If the link is legit, we’ll see all green:

Don’t use Chrome, WhatsApp, or Messenger? Use this instead: https://check.trendmicro.com

Pretty cool these tools are getting easier to use. Hat tip to Rik Ferguson for the tip (full disclosure: Rik is VP Security Research for Trend Micro but I am not affiliated with them or the other tools mentioned).

Please share with family and friends if you think it would help make the Web less stressful and more fun for everyone.