How to check if a link is safe

How to Check If a Link Is Safe Before Clicking

Links are one of the most common vectors for cyber attacks, phishing scams, and malware distribution. Clicking an unsafe link can compromise your personal information, install malware on your device, or redirect you to fraudulent websites designed to steal credentials. Learning to verify link safety before clicking is a critical part of staying secure online. Multiple tools and techniques are available to check links, ranging from simple visual inspection to advanced scanning services.

Visual Inspection and URL Analysis

Before clicking any link, hover your mouse over it (without clicking) to see the actual URL in a preview tooltip, usually appearing in the bottom-left corner of your browser. Compare this URL with the text of the link—they should match exactly. Legitimate companies never ask you to click suspicious links. Look for red flags: misspelled domain names, unusual characters, suspicious subdomains (like "paypal.com.secure-login.xyz"), or URLs with long strings of numbers instead of a domain name. Legitimate URLs for banks and major companies use HTTPS (the "s" after "http") and display a padlock icon, though not all secure sites are trustworthy.

VirusTotal: Comprehensive Link Scanning

VirusTotal (virustotal.com) is a free online tool that scans URLs against 90+ different antivirus engines and website security vendors simultaneously. Simply paste the suspicious URL into VirusTotal's search bar and click "URL" to scan. The tool displays the scan results showing how many security vendors flagged the link as malicious, suspicious, or clean. Green indicates the link appears safe, yellow shows potential risks, and red indicates the link is likely malicious. This is one of the most comprehensive free tools available.

Google Safe Browsing and Built-in Browser Tools

Most modern browsers (Chrome, Firefox, Edge, Safari) include built-in Safe Browsing technology that warns users when visiting known malicious sites. Google Safe Browsing provides real-time protection against phishing, malware, and unwanted software. If a site is flagged as dangerous, your browser will display a warning page before allowing access. You can also use the Google Safe Browsing tool (google.com/safebrowsing) to check specific URLs. Microsoft Defender SmartScreen serves a similar function for Edge and Windows browsers.

URLhaus and Phishing Detection Tools

URLhaus (abuse.ch) is a project that tracks malicious URLs and provides information about known phishing and malware distribution sites. PhishTank (phishtank.com) specializes in identifying phishing URLs submitted by users and security researchers. Both services maintain databases of dangerous links updated in real-time. These specialized tools are particularly useful for identifying phishing attacks targeting specific companies or services.

Browser Security Extensions

Install reputable security extensions that automatically scan links and websites as you browse. uBlock Origin includes filtering for malicious sites, Malwarebytes Browser Guard warns about unsafe sites and blocks tracking, and Norton Safe Search displays safety ratings for search results and websites. Web of Trust (WOT) shows community ratings for websites. These extensions run in the background and warn you before you click dangerous links, providing passive but effective protection. Always download extensions only from official app stores to avoid fake security software.

Email and Messaging Link Safety

Links in emails and messages are particularly suspicious, especially from unknown senders or unexpected sources. Never click links in unsolicited emails claiming to verify account information, confirm identity, or resolve urgent issues. Legitimate companies never request personal information via email links. Instead, go directly to the official website by typing the URL in your browser or calling the company's verified phone number. Hover over sender email addresses to verify they match the company's official domain.

Advanced Link Analysis Techniques

For suspicious links from trusted sources that may have been compromised, check the link's cache, SSL certificate, and WHOIS information. Services like SSL Labs (ssllabs.com) analyze the security certificate of a website. WHOIS lookup tools reveal who registered a domain and when, which can expose newly registered phishing domains. If a website claims to belong to a major company but was registered recently with a fake registrant, it's likely a phishing site.