How to Identify a Malicious Link

The Internet is infamous for being full of threats, most of which are hidden behind links that appear innocent or harmless. In order to go about business safely, you need to be able to recognize which links you should click on, and which links you should avoid.

Sadly, identifying fraudulent links is far from an exact science, but there are ways to become better at it. 

Trust No One...
...or at the very least, trust no one’s links. It is common for malicious links to be shared via emails or social media chats. In your email client, an easy check is to select the option to view the full header of the message. This allows you to view the sender’s full email address, as well as the reply-to address, allowing you to determine if the sender is legitimate.

If a regular contact of yours sends you a link without any context, it is better to reach out to them via some other means to confirm that they did actually send you the mysterious link. Similar actions can take place over social media accounts. Less security-minded contacts can all too easily have their accounts hijacked to spread a malicious link; thus, you should always be careful of messages that come without warning, even if you know and trust the apparent source.

Occasionally a cybercriminal will construct a clone of someone’s social media account to try and trick their target into accepting friendship. While this may appear harmless, remember that the person behind the account now has access to a running record of your activities.

Additional Defenses
It is also imperative to remember that the cybercriminals that use these messages are becoming much more convincing. Most of these phishing attempts will draw upon data hijacked from other breaches or drawn from any online accounts to make their attempts seem more plausible.

Your greatest defense against links like these is to hover your cursor over the suspicious content to see if the link matches what it should. In addition, keep an eye for any atrocious spelling errors in the surrounding message, which is a standard sign of a malicious attack.

Google Makes Its Move
Google has chosen a policy of flagging any website that doesn’t have a Secure Sockets Layer (SSL) certificate. This means that, in order to avoid your website displaying a leading “Not Secure” in the address bar, you need to acquire a certificate as soon as possible. This will encourage a sense of trust from your web visitors, encrypt their sensitive information and keep them safe from cybercriminals.

Now that you know how to recognize malicious links, you should call Macro Systems so that we can stop as many as we can. Call 703-359-9211 for more information.