How to check link safety: signs of dangerous URLs

Anton P. | September 1, 2022

Check link safety to detect potentially dangerous URLs in emails, messaging apps, SMS messages, and social media. You can hover over links or use external tools to see destination previews. In other cases, you might need an URL checker to determine if it features unsafe content.

Overall, dangerous links have many security concerns, like secretly installing malware or stealing data. Thus, the tips we mention will help you become well-versed in identifying dangerous URLs.

how to check link safety

Why should you check link safety before clicking?

You should check link safety before clicking on URLs. It is best to be cautious as the consequences of interacting with dubious links can be far from pleasant.

A malicious URL is a clickable link leading to a dangerous or fraudulent website. It can put your device, network, and personal information at risk.

Here are some of the scenarios and dangers associated with suspicious links:

  • Malicious links can aim to infect your device. Drive-by downloads mean your device could catch malware and viruses from visiting a website. You won’t need to interact with buttons or other content. Such attacks exploit known vulnerabilities to distribute malware. However, your actions on a suspicious website can also trigger downloads of spyware, keyloggers, adware, etc.
  • Phishing links can hope to capture personal data. Some links could seem relatively safe, like an e-commerce store offering various goods. However, it could be a front for capturing users’ credentials and financial information.
  • Fraudulent links can lead to low-quality or fake services. A suspicious service could claim to offer its assets for free. However, you still need to provide your bank account details. Over time, you might notice small charges secretly made to your account.

What types of malicious URLs are there?

Suspicious links can come in multiple forms:

  • Text hyperlinks. Anchor texts can hint at one destination, such as See tax report or See order details. Without inspecting the link, you could end up on a dangerous site.
  • Image hyperlinks. Images can also act as links. Users might assume that clicking on them will show images in original sizes. However, it could also lead to phishing websites.
  • Naked links. Such links use their URLs as anchor texts. Since they reveal the destination immediately, it is a less common strategy.
  • Shortened links. These URLs obfuscate their actual destination. It is the most widespread strategy for distributing dangerous links.
  • Buttons as links. Such suspicious URLs are common in emails or pop-ups.

You can find these suspicious URLs in various places online, but the most common include the following:

  • In emails, phishing campaigns send out messages containing dubious links. Buttons, hyperlinks, and shortened links are the most common here.
  • SMS messages can belong to smishing campaigns that distribute misleading texts from unknown sources. Shortened links are likely to be the most popular.
  • Social media posts can contain suspicious links, likely shortened ones.

How to check link safety

Steps to check link safety do not require tech-savvy skills. Anyone can inspect the URL in question to see whether it is legitimate. However, mobile users will have more difficulty checking link safety.

See short link destination

Link shortening is common, especially on Twitter that supports a limited number of characters per post. However, checking short link safety before clicking on it is crucial.

How to check whether a shortened link is secure? Here are some ways:

  • URL shortening services offer a preview. TinyURL,, or all offer options for reviewing links in a secure environment. For TinyURL, add the word preview between the http:// and the tinyurl. For and, add + sign at the end of the link.
  • Use sites for checking link safety that can display the full URL for a shortened link.

Even if posts originate from reliable sources, like Twitter accounts you have followed for years, take the time to inspect URLs. Account takeovers are more common than you think, exposing massive audiences to dangerous links.

Recent news explained how Mike Winklemann, a digital artist known as Beeple, had his Twitter account hacked. Criminals posted multiple tweets in his name, adding links that instantly drained Ethereum from victims’ wallets.

Even if your favorite artists or YouTubers post about giveaways or new merch, think twice before believing these posts.

Hovering over a link might not be effective

You can hover your cursor over the link to see its true destination. This technique works best with embedded links. Thus, you can see the actual URL without interacting or using external tools.

However, hovering over links is no longer enough. According to ZDNET, criminals have improved their strategies to bypass such security precautions.

For instance, users might see domains related to legitimate services when they hover over links. This attack abuses open redirects, which means a series of redirects happen after users click on links. In the malicious campaign reported by ZDNET, redirects lead to Google reCAPTCHA, followed by a fraudulent Office 365 login page.

Therefore, you can hover over links but do not solely rely on this technique to check link safety.

Try link safety checker tools

Google Safe Browsing site status is one source to check URL safety. However, many link safety checkers exist, many of them free.

They aim to analyze links and detect security issues like malware distribution, unsecured connections, etc. VirusTotal is another option, which can inspect URLs, IP addresses, or file safety.

What if you already clicked on a dangerous link?

Phishing links are dangerous by design. Users could have triggered automatic downloads or revealed personal information. Thus, it is crucial to check the security status of your device and data.

  • Keep track of data you might have revealed to the suspicious source. For instance, if you exposed Office 365 credentials, change them as soon as possible.
  • Run a scan with antivirus software. An antivirus program should detect if the dangerous link had triggered a malicious download.
  • Contact your bank if you have revealed your financial information, like your bank account number and CVV. Consult the services about the ways to deal with the potential breach.

General tips for checking link safety

Check each link for safety whenever you consider opening an URL.

  • If a link looks suspicious, do not click it. Access the service through its official URL, not random buttons, images, or links.
  • Odd characters in links could suggest URL encoding used to mask destinations. Punycode is common for fake websites.
  • If an URL features HTTP instead of HTTPS, it should discourage you from revealing any personal information via it.
  • Use a tool to block potentially dangerous websites from loading. Atlas VPN includes a Tracker Blocker feature. It blocks pop-up ads and suspicious websites.
  • See whether data linked to your accounts, like email, is secure. Atlas VPN bolsters data security with an advanced Data Breach Monitor. It analyzes databases of breached information for data linked to your email accounts.
Get all benefits VPN can provide

Get all benefits VPN can provide

Experience the internet without limits — no geo-blocks, censorship, or tracking. Atlas VPN is your daily companion for a more open & secure internet!
Anton P.

Anton P.

Former chef and the head of Atlas VPN blog team. He's an experienced cybersecurity expert with a background of technical content writing.



© 2022 Atlas VPN. All rights reserved.