Don’t Just Click on the Link!

Beware of Links, Especially Shortened Links

Don’t just click on the link! (Especially this time of year)

Keep these ideas in mind next time you’re about to click on some random link you got over social media or email.

goldfish swimming towards yaLink shortening services such as bitly and tinyurl are great for making long links, well, short. Unfortunately, link-shortening tools are commonly used by cybercriminals to make their malware-laden links look harmless by hiding their actual destination from would-be clicker-onners (is that a word? It is now).

Link shortening services take long links like this (this is not a real link – it’s just being used here as an example):

https://buttwhack.com/remember-this/because-it-might-save-you-from/getting-infected-with-malware-someday/dont-just-click-on-the-link

and shorten it into this:

https://tinyurl.com/y7zoq3k5

In addition to shortening the link, please notice how this action makes it impossible to tell where the link actually goes if we click on it.

Cybercriminals love this because they can make their malware-infested links look more likely for you to click on. If they sent you a link that looked like this: https://evil.hacker.com/click-on-this-so-I-can-own-you – chances are good you wouldn’t click on it.

We tend to click on things impulsively. The more something looks familiar, the even more likely we are to click on it. It’s tough to tell if these links are legit, if it’s a harmless one or a harmful one, just by looking at it.

Luckily, there are some tools we can use to view the destination of a shortened link without clicking on it.

Don’t get owned by some thief. Before you click on any random short link you got over social media or email, you might instead copy it to your clipboard and test it out using one of these tools to learn where the link leads without having to visit it:

These tools allow you to retrieve the original URL from a shortened link before clicking on it and visiting the destination. Some of them will even tell you if the link is a known phishing scam that points to malware and lets you know if the hidden link is safe or not. When in doubt, don’t just click on the link!

There are browser plugins for this, too, but I only ever recommend using sites directly. If you want to use a plugin, that’s your choice. More power to ya.

Whatever method you choose, feel more confident using them so you won’t fall prey to clicking on a malicious link! Don’t click on the link!

Speaking of visiting sites directly, from time-to-time we all get unsolicited messages from seemingly trusted sources asking us to verify this or that piece of information. These are phishing attacks, too.

Even if it looks legit, think twice! Don’t just click on the link!

Make it a habit of going directly to your medical, financial and other important sites you use by entering their address directly into your browser’s address bar or using a bookmark you made yourself. Trusting links in email or text messages might be convenient but it can lead you down a path you wouldn’t choose if you knew better.

Stay sharp out there! Don’t just click on the link!