Someone sent you a link. It looks okay… but is it really? Whether that person was a friend or a stranger, if it’s a link you weren’t expecting, you shouldn’t really click it.
Email, SMS, Facebook, Twitter or some other social network or collaboration tool… whatever you’re using, there’s an opportunity for scammers and spammers to send you links. Most of the time they’re probably safe. But when they’re not, disaster can strike.
One of the quickest-growing security issues these days is ransomware, which is often spread by people unwittingly clicking dangerous links. Malware and phishing sites are also major risks.
While you should be vigilant about all of your online activities, it doesn’t hurt to have a little help.
What a Link Checker Should Do
There are two types of URL.
- A standard-length URL, starting www, followed by the website name, and ending with .com or some other top-level domain.
- A shortened URL, such as goo.gl/V4jVrx.
It doesn’t matter whether the link you received is a standard-length URL or shortened. If it is dangerous in any way, the link checking tool should alert you to this. If the links are going to take you to a compromised website, the link checker highlight this immediately. Similarly, direct links to malware, ransomware and other risks should be reported by these tools.
Several sites are available to help you uncover the truth about those dodgy links. The following five sites are all favorites, but we’d advise checking more than one at any given time, to help you get the best results from your inquiries.
A top choice for checking potentially unsafe links, AVG Threatlabs scans links on a website for malware and other threats. All you need to do is enter the URL, and wait for the results.
Of course, AVG is a massive name in online security, and their site offers an extension of this reputation. There is a feeling that you can trust the results, and by scrolling down slightly, you’ll find a rogues’ gallery of sites that didn’t do so well.
This list is updated weekly, with the top 5 sites with the most malware detections named and shamed on the AVG Threatlabs site. It’s not a list you would hope to find any of your favorite websites on, is it?
If you prefer to get your security recommendations from the world-famous Kaspersky security firm (although you might not), you should try their VirusDesk. This is a dual-purpose tool that not only checks links to potentially dodgy websites, it accepts uploads of suspicious files. Handily, it offers both of these features via a dedicated link pasting/drag-and-drop field.
To use Kaspersky VirusDesk for link checking, enter the URL and click Scan. You’ll be quickly informed whether the target URL is safe or not. If you have reason to disagree with a “safe” result, you can click the “I disagree with the scan results” button. This will prompt the Kaspersky researchers to find out more. They’ll let you know of their findings by email if you leave your address.
Another you should look at us ScanURL, an independent website that takes your link queries submissions seriously via a secure HTTPS connection. Although the link submission screen is ad-supported, the results are good.
ScanURL polls Google Safe Browsing, PhishTank, and Web of Trust (who are rebuilding their reputation), as well as providing information about the queried site’s Whois record. The returned results will instantly indicate whether you should visit the site, and are accompanied by a ScanURL recommendation. If the site is dangerous, you’ll naturally be told to avoid it.
A number of sites (some of which are in this list) and tools are checked by ScanURL as it collates the results. Once the ScanURL result page has loaded, a permanent URL is applied. You can copy and paste this to share with friends, family, or the otherwise concerned so they can refer to it. Handy!
Instead of focusing on malware, PhishTank instead alerts you to phishing sites. But the principle is the same. Once you enter a URL that you suspect of harboring a phishing operation, PhishTank will check it out. If the link is already “in the tank” then you’ll get instant results. Otherwise, you’ll get a tracking number. Sadly, it’s not as simple to check a phishing link as it is to automatically check some malware links…
Concerned about sites that might con you into divulging personal data? If you have any knowledge of identity theft, then you’ll know much of this occurs thanks to phishing operations. PhishTank is always worth a visit when checking concerning links.
If you’re feeling charitable, meanwhile, you can get stuck in and contribute to the site. Other links that have been submitted can be verified. So, if you have the time, why not?
They might not be the world’s most privacy-conscious company, but Google does offer a useful link checking service. Their Transparency Report service offers a standard field into which you can enter the URL you’re concerned about. A few seconds later, the results — captured by Google’s web crawlers — will tell you if the site can be trusted.
Along with malware, Google Transparency Report will alert you to phishing risks. Concerned about accidentally giving your personal information away? Phishing is potentially a greater concern than malware, so it makes sense to be sure that the site you’re planning on visiting isn’t about to steal your identity.
Five Great Link Checkers: Which Do You Use?
There are good link checkers and bad ones. Be sure when searching for these tools that you’re landing on pages that search for security risks, rather than ones that check whether a website has any broken links. They’re not what you’re looking for!
What you need to use are tools that detect malware risks, phishing risks, and deliver results that you can share with others. We believe these five sites should deliver the confirmation you need when checking those potentially dodgy links:
- AVG Threatlabs
- Kaspersky VirusDesk
- Google Transparency Report
However, we’re willing to add to the list. Do you have a link checking tool you want to share with us? Leave a comment. And if you’ve ever been caught out by a dangerous link, and lost data because of it, we want to know about it.