How to Test a Suspicious Link Without Clicking It Does that link look a little strange? Here’s how to tell

Do you have click anxiety? It’s that feeling you get right before you click a link that looks a little fishy. You think to yourself, am I going to get a virus by clicking this? Sometimes you click it, sometimes you don’t.

Are there any warning signs that might tip you off that a link might infect your computer or send you to a phishing site?

The following sections will help you learn to spot malicious links and show you some tools you can use to test a link’s safety without actually visiting it.

Link shortening services such as bit.ly and others are popular choices for anyone trying to fit a link into the confines of a Twitter post. Unfortunately, link shortening is also a method used by malware distributors and phishers to conceal the true destinations of their links.

Obviously, if a link is shortened, you can’t tell whether it’s bad or good just by looking at it, but there are tools to allow you to view the true destination of a short link without actually clicking it. Check out our article on the Dangers of Short Links for details on how to view a short link’s destination.

If you received an unsolicited email that is supposedly from your bank asking you to “verify your information” then you are probably the target of a phishing attack.

Even if the link to your bank in the email looks legitimate, you shouldn’t click it as it could be a phishing link in disguise. ALWAYS go to your bank’s website by entering their address directly into your browser or via a bookmark you made yourself. Never trust links in e-mails, text messages, pop-ups, etc.

Oftentimes, hackers and malware distributors will try to conceal the destination of malware or phishing sites by using what is known as URL encoding. For example, the letter “A” that has been URL-encoded would translate to “%41”.

Using encoding, hackers and malware distributors can mask destinations, commands, and other nasty stuff within a link so that you can’t read it (unless you have a URL decoding tool or translation table handy). Bottom line: if you see a bunch of “%” symbols in the URL, beware.

Ok, so we’ve shown you how to spot a link that might be suspicious, but how can you check out a link to find out if it’s dangerous without actually clicking it? Take note of these next sections.

You can expand a short link by using a service such as CheckShortURL or by loading a browser plug-in that will show you a short link’s destination by right-clicking the short link. Some link expander sites will go the extra mile and will let you know if the link is on a list of known “bad sites”.

There are a host of tools available to check the safety of a link before actually clicking on it to visit the site. Norton SafeWeb, URLVoid, ScanURL, and others offer varying degrees of link safety checking.

In order for you to have the best chances of detecting malware before it infects your computer, you should take advantage of any “active” or “real-time” scanning options provided by your antimalware software. It may use more system resources to enable this option, but it’s better to catch malware while it’s trying to enter your system rather than after your computer has already been infected.

If your antimalware / antivirus software doesn’t have the latest virus definitions, it’s not going to be able to catch the latest threats in the wild that might infect your machine. Make sure your software is set to auto update on a regular basis and check the date of its last update to ensure that updates are actually taking place.

A second opinion malware scanner can offer a second line of defense should your primary antivirus fail to detect a threat (this happens more often than you would think). There are some excellent second opinion scanners available such as MalwareBytes and Hitman Pro. Check out our article on Second Opinion Malware Scanners for more information