How to check link safety: signs of dangerous URLs

Anton P. | January 30, 2023

Check link safety to detect potentially dangerous URLs in emails, messaging apps, SMS messages, and social media. You can hover over links or use external tools to see destination previews. In other cases, you might need a link checker to determine if it features unsafe content.

Check link safety to guarantee that URLs won't lead you into fake phishing websites. Hover over links, check shortened links, and use link checkers.

Why should you check link safety before clicking?

You should check link safety before clicking on URLs. It is best to be cautious, as the consequences of interacting with unknown links can be far from pleasant.

A malicious URL is a clickable link leading to a dangerous or fraudulent website. It can put your device, network, and personal information at risk.

Here are some of the scenarios and dangers associated with suspicious links:

Malicious links can aim to infect your device. Drive-by downloads mean your device could catch malware and viruses from visiting a website. Actions on a suspicious website can also trigger downloads of spyware, keyloggers, adware, etc.
Phishing links can capture personal data. Some links could be fronts for capturing users’ credentials and financial information.
Fraudulent links can lead to low-quality or fake services. A suspicious service could promise free goods to get your details.

What types of malicious URLs are there?

Suspicious links can come in multiple forms:

Text hyperlinks and anchor texts can hint at one destination, such as See tax report or See order details. You need to inspect the link to avoid ending up on a dangerous site.
Users might assume that image hyperlinks will show images in their original sizes. However, it could also lead to phishing websites.
Naked links use their URLs as anchor texts. Since they reveal the destination immediately, it is a less common strategy.
Shortened links obfuscate their actual destination. It is the most widespread strategy for distributing dangerous links.

You can find these suspicious URLs in various places online, but the most common include the following:

Phishing campaigns send out messages containing dubious links in emails via buttons, hyperlinks, and shortened links.
SMS messages can belong to smishing campaigns that distribute misleading texts from unknown sources.
Social media posts can contain suspicious links, likely shortened ones.

How to check link safety

Steps to check link safety do not require tech-savvy skills. Anyone can inspect the URL in question to see whether it is legitimate. However, mobile users will need help checking link safety.

See short link destination

Link shortening is common, especially on Twitter, which supports a limited number of characters per post. However, checking short link safety before clicking on it is crucial.

How to check whether a shortened link is secure? Here are some ways:

URL shortening services offer a preview. TinyURL, Bit.ly, or Goo.gl all offer options for reviewing links in a secure environment. For TinyURL, add the word preview between the http:// and the tinyurl. For Bit.ly and Goo.gl, add a + sign at the end of the link.
Use sites for checking link safety that can display the full URL for a shortened link.

Even if posts originate from reliable sources, like Twitter accounts you have followed for years, take the time to inspect URLs. Account takeovers are more common than you think, exposing massive audiences to dangerous links.

Hovering over a link might not be effective

You can hover your cursor over the link to see its true destination. This technique works best with embedded links. Thus, you can see the actual URL without interacting or using external tools.

However, hovering over links is no longer enough. According to ZDNET, criminals have improved their strategies to bypass such security precautions.

For instance, users might see domains related to legitimate services when they hover over links. This attack abuses open redirects, which means a series of redirects happen after users click on links. In the malicious campaign reported by ZDNET, redirects led to Google reCAPTCHA, followed by a fraudulent Office 365 login page.

Try link checker tools

Google Safe Browsing site status is one source to check URL safety. However, many link safety checkers exist, many of them free.

They aim to analyze links and detect security issues like malware distribution, unsecured connections, etc. VirusTotal is another option that can inspect URLs, IP addresses, or file safety.

How to check if a link is safe on Android or iPhone

The best way to check whether a link is safe on Android or iPhone is to copy the link. Then, scan the link using a preferred URL checker.

What if you already clicked on a dangerous link?

Phishing links are dangerous by design. Users could have triggered automatic downloads or revealed personal information.

Keep track of data you might have revealed to the suspicious source.
Run a scan with antivirus software to detect if the dangerous link has triggered a malicious download.
Contact your bank if you have revealed your financial information, like your bank account number and CVV.

General tips for checking link safety

Check each link for safety whenever you consider opening an URL.

If a link looks suspicious, access the service through its official URL, not random buttons, images, or links.
Odd characters in links could suggest URL encoding used to mask destinations. Punycode is common for fake websites.
If an URL features HTTP instead of HTTPS, it should discourage you from revealing personal information.
Use a tool to block potentially dangerous websites from loading. Atlas VPN includes a Tracker Blocker feature. It blocks pop-up ads and suspicious websites.
See whether data linked to your accounts, like email, is secure. Atlas VPN bolsters data security with an advanced Data Breach Monitor. It analyzes databases of breached information for data linked to your email accounts.