Almost every aspect of our life is connected to the internet in some way. Emails, web navigation, and online shopping are becoming fundamental parts of our daily activities. Although the positive effects of online services are immense, the web is full of spammy, harmful, and unsafe content.
Attackers are getting creative at deceiving online users, they pursue simple yet tricky tactics to spread infected links through multiple channels. If the user blindly clicked on a suspicious link, it might put the user’s data, personal information, devices, or financial records at high risk.
There are many useful indicators to know if a link on the web is safe or not. Some of them are techniques that help us capture infected links, while the majority make use of our good sense to “smartly” inspect the link and decide whether it’s fake or not.
Additionally, being suspicious is the first step toward protecting our online presence. This is because whatever techniques we adopt to investigate suspected sites, absolute safety is quite hard to guarantee.
We developed a comprehensive guide of all tips, tricks, and best practices to assess the safety of web links. Primarily, without clicking on the link to avoid any potential danger.
Here is our list of indicators to know if a link is safe or not, as we assess each one in terms of its impact on evaluating the link.
| # | Indicator | Importance (Evaluation Impact) |
|---|---|---|
| 1 | Look For HTTPS Protocol | HIGH |
| 2 | Check Domain Name | HIGH |
| 3 | Inspect Link Location | HIGH |
| 4 | Verify Sender Identity | HIGH |
| 5 | Use Link Safety Checker | MEDIUM |
| 6 | Double Check Shortened URLs | MEDIUM |
| 7 | Ask the Community | MEDIUM |
| 8 | Check Website Backlink Profile | LOW |
| 9 | Inspect Encoded Links | LOW |
| 10 | Check If a Link is Safe on Android & iPhone | LOW |
1. Look For HTTPS Protocol
HTTP is the default protocol when visiting websites, it controls how communications between web servers and clients are established. Because HTTP requests are unencrypted, the default HTTP protocol is not totally secure.
HTTPS is an extension to provide additional security and encryption layers for HTTP. It is one of the most important things to inspect when telling whether a link is safe or not.
Links that use HTTPS are more secure than plain HTTP connections. Because whatever sensitive information you submit via HTTPS they will be encrypted, therefore, they can’t be stolen if the connection is intercepted.
HTTPS is not a proof the link is safe, it doesn’t also guarantee the website is not a scam. However, the absence of HTTPS protocol is a strong indicator that the visited website is not trustworthy.
There are two elements to check to verify whether an HTTPS link is valid or not: the link prefix and certificate.
1.1. Check HTTPS Prefix
HTTPS links can be easily distinguished as they must start with a specific prefix.
Look at the very beginning of the inspected link, it should start with https://. If not, or if it starts with http:// (without ‘s’) or any other protocol, then the link should be visited with caution.
Some browsers hide the protocol in the link. In this case, you can check the prefix by just copying the link into any text editor.
1.2. Check HTTPS Certificate
As this can’t be verified without clicking on the link, alternatively, you can visit the website homepage instead of the full URL. Then, a small padlock should appear with a “Connection is secure” message next to the URL in the browser. Any other output means the certificate is invalid and the link is unsafe.
Typically, the website homepage can be retrieved by removing everything after the domain extension, like .com, .org, .net, .io, etc. from the link.
For more details about what may happen if someone accidentally visited an HTTP website, please check our detailed article: 5 Threats May Happen When Visiting Unsecure Website [Explained]
5 Threats May Happen When Visiting Unsecure Website [Explained]
This article explains the most common dangers of visiting unsecure or malicious websites. For each threat, we describe how it happens, its potential risk, and what can be done to prevent it and protect ourselves. Finally, we discuss if the visitor can be hacked just by visiting an infected website.
2. Check Domain Name
The domain name is the first part of the link that tells the website’s name. Sometimes we can resort to it to tell whether a link is safe or not.
For example: technocript.com is the domain name in the following link:
https://technocript.com/category/content-management-systems/Here we have to cover two aspects:
2.1. Check Domains SIMILAR to Known Websites
Some scammers tend to deceive online users by replicating a well-known domain name in their links.
This basically takes place by changing some letters in the website name or replacing their positions. So that the manipulated link looks identical to a trusted brand or renowned website.
The best we can do here is to double-check the domain name in the link, preferably letter by letter. To verify it’s not trying to redirect us to a suspicious online source other than what it is pretending to be.
In some cases, those minor differences might be too difficult to be detected specifically when the link contains subdomains or not widely known websites.
If you could spot such a manipulated link, most likely the link is not safe as it has been created to be misleading.
We list in the following table some patterns of these risky links. Can you figure out what the trick in each one is, without looking at the authentic link?
| Known Link | Example of Risky Link |
|---|---|
| https://www.amazon.com | https://www.amazun.com |
| https://www.facebook.com | https://www.facebock.com |
| https://mail.google.com | https://mail-google.com |
| https://my.microsoft.com | https://my-microsoft.com |
| https://accounts.google.com/signin | https://accounts.goog.le/signin |
| https://www.adidas.com | https://www.adibas.com |
2.2. Check RANDOM Domain Names
Spammy websites usually lack the needed authority to live for a long time. Thus, most of them pop up and disappear pretty quickly.
For this reason, their domain names tend to include random and vague words or extensions. They may also have names that are quite different than what they are supposed to refer to.
Here are some examples:
- www.tastyxyz.com
- www.hamently.xyz
- www.dlsoftexy.space
- www.landioni.info
Therefore, it’s recommended to avoid following a link you are unable to read or understand naturally. On most occasions, such links can be dangerous or contain viruses that might put your device and data at risk.
3. Inspect Link Location
Technically speaking, all links on the web are implemented by using the <a> HTML element. Each link has two main attributes:
- Link Text or Anchor Text: the clickable text (or sometimes button or image) that, when clicked, redirects us to the intended page.
- Link Location/URL: the destination of the link, the actual web page address that opens after clicking the link.
Here are some examples of different link formats, be aware that the link text can be totally different than the link location:
| Link | Link Text | Link Location |
|---|---|---|
| Click here to visit our website | “Click here to visit our website” | https://technocript.com |
| about us | “about us” | https://technocript.com/about/ |
| https://technocript.com | “https://technocript.com” | https://technocript.com |
| Click Me | “Click Me” | https://www.google.com |
| www.google.com | “www.google.com” | https://technocript.com |
 | No text (image) | https://technocript.com/privacy-policy/ |
That said, it is fairly easy for attackers to create fake links with misleading anchor texts. So you don’t know what link you have actually followed.
For example, you end up clicking on an "unsubscribe from our newsletter" link in your email, while you are in fact being redirected to a spammy website or downloadable malicious software.
With that in mind, we must ignore the anchor text and check if the link location reflects the intended website.
How to inspect the actual link location:
There are various methods, but let us get to the simplest ones:
Hover over the link: most browsers let us know what the full URL is by just hovering over the link text with the mouse. The corresponding link location appears somewhere at the bottom of the browser, most likely in the left corner.
Copy link location: another way would be to right-click on the link to open the context menu, and then choose “Copy link” (Firefox and Edge), “Copy link address” (Chrome and Opera), or any other similar option. Next, the link location can be pasted into any text editor to be inspected.
Try testing any of these two methods on the examples above, to know what the actual URL is for each link.
Another useful tactic to assess the safety of the link is by comparing its anchor text and location. If they are irrelevant to each other then the link is not trustworthy.
4. Verify Sender Identity
Although spammy links can be found anywhere on the web, most of them take place via messaging platforms. Including emails, text messages, and instant messaging apps.
According to phishing statistics, 96% of phishing attacks are conducted via email. Where the top five subject lines include words like Urgent, Request, Important, Payment, and Attention.
To assess the safety of a received link, we should first verify for certain who sent us the email or message and why.
In this context, we would strongly recommend asking the following questions before clicking on ANY received link:
- Who sent me this message? Is it from a person or a company?
- Do I personally know the sender? Is it my friend, my bank, or a newsletter I subscribed to?
- Am I used to receiving from them regularly? Do I have an active relationship with them?
- Am I expecting this message at this time?
- Are the message’s language, terms, and expressions seem familiar to me?
- Does the message contain typos, misspellings, or poor grammar? Is this normal?
If you can’t confidently answer these questions, then the link should be seen skeptically.
The risk of receiving suspicious messages is due to scammers getting much better at impersonating people and trusted service providers. On top of that, friends may also unknowingly forward unsafe links in emails or social media posts.
For these reasons, when you receive a message that asks you to take action, simply DO NOT TAKE THIS ACTION until you verify the sender’s identity and purposes. Don’t also click on any sort of “unsubscribe” links in this message as all links might be vicious.
5. Use Link Safety Checker
Another approach to assess the safety of web links is to use an online tool. There is a handful of free websites that analyze the link and examine hidden security concerns.
Each safety checker tool relies on its own methodology and rules to examine the link security issues. So we may get mixed results when using multiple tools. However, all of them alert us if some security breaches were found based on their database.
The following are the most well-known link-checking tools:
5.1. Google Safe Browsing
Google Safe Browsing is a transparency report to identify unsafe websites and notify users of potential harm. It was built by Google’s security team to disclose warnings and share them towards a safer and more secure web.
To assess the safety of a link, navigate to the site status page, and then copy the link to the input field. The link status will appear with some tips on what you should do to avoid potential risks.
Unlike many other tools, this service assesses each link separately. So if you entered a full website sometimes the tool will ask you to provide a specific URL.
5.2. Norton Safe Web
Norton Safe Web is a service provided by the famous security and antivirus product maker, NortonLifeLock, formerly known as Symantec Corporation.
This service identifies malicious websites based on automated analysis and user feedback.
To scan if a link is safe or not using Norton Safe Web, simply copy it into the site address field. Then the tool will highlight the risk level of the website if it is OK, CAUTION, WARNING, or UNTESTED.
It’s worth noting that Norton Safe Web doesn’t check the link itself. Instead, it assesses the link based on the reputation of the whole website. In most cases, this would still be relevant as trustworthy websites don’t usually host malicious content.
5.3. URLVoid
URLVoid is a website reputation checker that helps to detect potentially malicious websites. To do so, URLVoid analyzes the website using data from more than 40 scanning engines.
To check the safety reputation of a link in URLVoid, copy the link to the URL field in this tool. The results include details about the domain, DNS, IP Address, and server location. As well as a list of examined engines and the results obtained from each one.
Just like Norton Safe Web, URLVoid determines the safety of links by assessing the reputation of their websites.
5.4. Other Link Safety Checker Tools
Here are additional examples of online tools to assess the safety of web links:
| Tool | Description |
|---|---|
| PSafe | Free link checker by dfndr cybersecurity lab to check the safety of a link without clicking on it. |
| EmailVeritas | Free URL scanner and website checker to detect malicious URLs including malware, scam, and phishing links. |
| Trend Micro Site Safety Center | Free service to check the safety of a particular URL that might seem suspicious. |
| VirusTotal | Free tool to analyze suspicious files, domains, IPs, and URLs to detect malware and other breaches. |
| PhishTank | Anti-phishing site that offers a community-based phish verification system. Where users submit suspected phishes or vote for them. |
5.5. Link Checker Addons
There are some security tools that come as browser extensions. They help us check links on the fly when navigating the internet. When requested, the extension analyzes and assesses the link and then raises alerts in case any safety indicators have been found.
Dr.Web Link Checker and Link Virus Check – Security Plus are examples of these extensions. Both of them add an item to the context menu, so that the user can right-click on the link and choose to validate its safety from the popped-up menu.
6. Double Check Shortened URLs
A shortened URL is another version of the original link which was shortened for convenient usage and distribution. When clicking on a shortened URL, it redirects us to the originally targeted page.
For example, our about page link (https://technocript.com/about/) can be shortened to https://bit.ly/3ptVko7.
In many cases, malware distributors resort to link-shortening services, such as Bitly and TinyURL, to conceal the actual destination of the link.
Shortened URLs don’t necessarily mean the link is dangerous, however, they require extra caution to unveil the true location of the link.
It’s fairly impossible to know if a shortened link is safe by just looking at it. Because such a link usually refers to the shortening service, which in turn redirects it to the final destination.
Furthermore, most online checker tools fail to properly handle shortened URLs. They mistakenly scan the shortening service website instead of the original link location.
That said, how to check if a shortened link is safe without clicking on it?
There are two possible techniques: previewing the actual link location and link expansion.
6.1. Preview Actual Link Location
Some URL shortening services do provide means to preview the destination of a shortened link. We can resort to them in case we could identify which service has been used to shrink the link based on some patterns.
Here is how to preview the actual link location for URLs shortened using the two most well-known services:
| Shortening Service | Method | URL Example | Preview Example |
|---|---|---|---|
| Bitly | Add + to the end of the URL | https://bit.ly/3QFhNuw | https://bit.ly/3QFhNuw+ |
| TinyURL | Type preview. at the beginning of the URL | https://tinyurl.com/2p83a8xu | https://preview.tinyurl.com/2p83a8xu |
If the link was shortened by another service, you need to check how to preview it using this service. As it’s out of this article’s scope to cover all existing shortening and preview methods.
6.2. Use Link Expansion Service
Sometimes it is difficult to detect which tool has been used to generate the URL. To solve the issue, some tools popped up to offer the ability to expand a shortened URL for safety purposes.
CheckShortURL is a link expansion service that allows retrieving the original URL from a shortened link before clicking on it. It supports almost all URL shortening services. It also provides a screenshot of the distant page behind the URL.
Unshorten.it, GetLinkinfo, and URL X-ray are other services to help you restore the shortened link to its original version.
To this end, all mentioned techniques help us know what the link location is. However, we still need to follow other tips to assess the safety of the revealed link.
7. Ask the Community
Scammers depend on broadcasting infecting links to a vast number of online users. Thus, when you receive a suspicious link, most probably many others have received it as well.
Asking the community is a pretty useful idea to know if a link is safe or not, many users are always willing to share their experience by reporting spammy websites or infected links.
To do so, you just need to fetch the link’s website (or maybe full URL) and search in google for:
Is (URL or website) safe?
Depending on how much the link was caught before, you might be able to find quite useful results from blogs, forums, and spam detector websites.
However, if you were unlucky to find relevant answers, it’s still a good idea to throw a question on Q&A forums like quora and Reddit. You will definitely encounter helpful and responsive people out there.
Likewise, if the link was received by email, you can also check the domain of the source email, typically everything after @ sign.
8. Check Website Backlink Profile
The Backlinks of a website are simply links from other websites that point back to this site. The Backlink is an essential concept in the web, as it is being utilized to assess the reputation and quality of the website.
The better Backlink profile a website has, the more reputable and trustworthy it is.
Links to websites with higher backlink profiles are most likely safe and risk-free. On the other hand, links to websites with lower Backlink profiles don’t certainly mean the link is unsafe.
That being said, one good method to assess how safe a link is, is to check the Backlink profile of its website (sometimes called Domain Authority or Domain Ranking). Considering that trusted service providers with quality Backlink profiles don’t allow spammy content to appear on their websites.
How to assess the website backlink profile?
We can use SEO (Search Engine Optimization) tools to check the website’s backlink profile, as backlinks play a fundamental role in enhancing the search visibility of the website.
Each tool assesses the website domain authority based on its criteria, however, most of them rank it out of 100.
Furthermore, there is no specific domain authority threshold for a good website. However, very high domain authority websites usually mean the website is well-known and more trustworthy.
It’s worth noting that new websites take time to achieve good domain authority, so the Backlink profile doesn’t necessarily give an accurate evaluation of newly published and low-impact websites.
Here are some free tools that can be leveraged to assess the website’s Backlink profile:
- Moz Link Explorer: Moz is a famous SEO tools provider, it provides a free link explorer interface to analyze the website’s reputation on the web. Its Domain Authority value represents the website Backlink profile score.
- Majestic Site Explorer: Majestic is another rich tool for SEO data analysis, it has a site explorer to analyze the Backlink profile for websites. Instead of the domain authority scale, this tool provides two scales: Trust and Citation Flow. Both of them can be based upon to validate the Backlink profile.
- SEMRush Domain Overview: SEMRush is another powerful data analysis tool for SEO. It can be used to investigate the Backlink profile for websites. Its Authority Score reflects how powerful the Backlink profile is.
9. Inspect Encoded Links
URL encoding is yet another technique to hide the actual destination of malware or phishing links.
URL encoding converts some link characters into ASCII characters. So that they can be still transmitted over the Internet, but can’t be easily read by humans.
Here is an example of an encoded URL:
https://www.google.com/search?q=how%20to%20check%20if%20a%20link%20is%20safe
Decoding the encoded link is critical to unveil its destination or any suspicious commands that attackers hide inside it.
That being said, if you find odd or special characters (like %) in the link, you should investigate it. URL decoders can be used to translate the link back to its clear format.
There are various free online tools to decode ASCII characters in the link. URL Decode and Encode is one of them.
10. Check If a Link is Safe on Android & iPhone
As mobile phones hold the majority of our daily online activities, there is always a high chance we come across infected links when using them.
In order to spot spammy links on mobile devices, it’s strongly recommended to follow the tactics previously mentioned in this article. As all of them work efficiently regardless of the device or platform being used.
To check if a link is safe on mobile devices, we just need to long-press on it to inspect its full URL/location. Then we can follow the previously mentioned tips to detect anything suspicious in the link.
Applications to monitor unsafe links on mobile devices:
There are still useful mobile applications that help us know whether a link is infected or not.
Mobile Security – Lookout
It provides security and identity protection against viruses, malware, and spyware. It detects and blocks malicious links while navigating the internet. This app is available for both Android and iPhone devices.
Avast Antivirus & Security
It is a full security solution for mobile devices. It has a web shield that protects users’ privacy and secures the device against phishing attacks from emails and infected websites. It’s available on both Android and iPhone.
Link Protector – URL Scanner
It is a spam links detection application. It scans and blocks various types of spam, phishing, fraud, and fake links. The application is only available on Android.
Conclusion
In this article, we conducted a comprehensive search in order to help you know whether a suspected link is safe or not. We relied upon our team’s expertise in website security to bring the most relevant tips and best practices.
Finally, we can state here that browsing smartly and being suspicious is the first step toward spotting infected links and avoiding their undesirable consequences. This requires us to stay careful of any link we receive or encounter while surfing on the internet. So that we don’t open any suspicious link until we become certain of what this link is and if it is safe or not.
