Tips and tools to check links in emails without clicking
Is it hidden?
Most suspicious links are hidden in the hope that you won’t see the true destination, only a friendly message asking you to ‘Click here to open’ or saying ‘Here’s your shared file’.
The simple answer is to hover over any obscured link. The pop-up will show you exactly where it wants you to go. If it is an exact destination you know, then you can trust it a little more, but not 100%. E.g. https:// pay-pal.com is a completely different destination to https:// paypal.com and shouldn’t be trusted.
Is it unsolicited?
Were you expecting this email?
Is it from someone that you may possibly know, but would have no reason to contact you out of the blue?
Is it from a person or company you have never contacted or heard about before?
No?…then it IS unsolicited! Approach with caution and check all other points in this guide!
Is it a shortened link?
Shortened links were used mainly by the Twitter generation (when its limit was 140 characters). They take a link of any length and crop it to a minimum of characters, but in doing so the link becomes obfuscated: you can’t tell where it really goes! Bit.ly, ow.ly, goo.gl, tinyurl and adf.ly are all legitimate services, but they are easily abused and can send you to any destination, good or bad!
Expand the shortened link using an online service such as: http://checkshorturl.com/ and this will show you the true link destination.
Does it have lots of strange characters in it?
Hackers and malware distributors will often try to hide the address within a link by using URL encoding, which replaces characters with special characters and strings of characters. E.g. the letter “A” when encoded would be translated into “%41”. Unless you use a decoding tool to turn these back into readable characters, it is highly likely that the link is malicious and it should not be clicked. To do this yourself, here is a useful decoding site: https://www.urldecoder.org/
Ultimately you should never click on a link unless you are 100% certain that it is legitimate and safe to do so. But to be protected in the event that you are somehow fooled into clicking, follow these simple steps.
1. Hover and check (Hold the mouse cursor over the link to see the actual address)
2. Were you expecting the email?
3. Expand shortened links (http://checkshorturl.com/)
4. Check all links for known nastiness:
5. Ask an experienced person for a second opinion
6. Trust your anti-malware software. (Make sure realtime scanning is enabled, enable email integration if offered, make sure it’s kept updated and maybe have 2!)
7. If in doubt, don't click!
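The hover, shortened-link and strange-character checks above can also be done offline on a link you have copied rather than clicked. The following is an added example, not part of the original guide; the function names, the list of known hosts and the sample links are constructed for illustration, and "tinyurl" is assumed to mean tinyurl.com.

```python
from urllib.parse import urlsplit, unquote

# Shortener domains named in the guide ("tinyurl" assumed to be tinyurl.com).
SHORTENERS = {"bit.ly", "ow.ly", "goo.gl", "tinyurl.com", "adf.ly"}

def host_of(url):
    """Lower-case hostname, percent-decoded, with a leading 'www.' dropped."""
    host = unquote(urlsplit(url.strip()).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def check_link(visible_text, href, known_hosts):
    """Return (code, detail) warnings for one email link.

    visible_text: what the message displays, e.g. "Click here to open"
    href: the real address shown when hovering over the link
    known_hosts: exact hostnames the reader already knows (caller-supplied)
    """
    warnings = []
    decoded = unquote(href)  # e.g. "%41" becomes "A"
    if decoded != href:
        warnings.append(("encoded", decoded))
    host = host_of(href)
    if host in SHORTENERS:
        # The real destination is hidden until the link is expanded.
        warnings.append(("shortened", host))
    elif host not in known_hosts:
        # Exact match only: pay-pal.com is not paypal.com.
        warnings.append(("unknown-host", host))
    # If the visible text is itself an address, it must name the same host.
    if "://" in visible_text and host_of(visible_text) != host:
        warnings.append(("text-mismatch", host_of(visible_text) + " vs " + host))
    return warnings

# Constructed sample links (not taken from a real message).
KNOWN = {"paypal.com"}
SAMPLES = [
    ("Click here to open", "https://pay-pal.com/login"),
    ("https://paypal.com/", "https://bit.ly/3xAmPlE"),
    ("Here's your shared file", "https://paypal.com/%41ccount"),
    ("https://www.paypal.com/", "https://www.paypal.com/signin"),
]

if __name__ == "__main__":
    for text, href in SAMPLES:
        print(href, "->", check_link(text, href, KNOWN) or "no warnings")
```

An empty result only means none of these three checks fired; the remaining steps in the list still apply.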