Without links, the web as we know it wouldn’t exist. In fact, the ability to link between pages and sites is what created the “web” in the first place.
Unfortunately, clicking a link is always a bit of a gamble. On the other end of a link could be the information you want to see, or it could be a malicious website, virus-filled download or inappropriate content.
Sometimes the only way to know for sure is to click. However, there are some important questions you can ask first that will give you a good idea if the link is safe or not.
1. Where did the link come from?
Perhaps the most important question you can ask is how you got the link in the first place. Was it in an unsolicited email or text message? Did you get it in a Google search? Was it in a friend’s Facebook post?
As a rule, if a link is unsolicited, you don’t want to click on it. Hackers send out malicious links in emails and texts daily. They’re especially good at putting links in emails that look like they’re from legitimate companies. If the link is from someone you know, check with them first to make sure they really sent it, and that their account wasn’t hacked.
Generally, links you find yourself are going to be safer, but you still need to be cautious. A Google search is a good example. Hackers use a tactic called “search engine poisoning” to get malicious links to the top of a Google search for popular words and topics.
The same goes for Facebook. In general, the links your friends post should be OK, but one of them might have been tricked into sharing a malicious link, or they installed an app that does it for them.
Keep reading and we’re going to look at some other questions that will help reveal those dangers.
2. Why am I clicking the link?
OK, this question sounds philosophical, but we’re not actually asking “why” you do things in the general metaphysical sense. We’re asking you why you want to click on that particular link.
Is it out of fear that something bad will happen if you don’t? Are you responding to greed or anger? Is it out of lust? These are just a few of the triggers that hackers use to trick you into clicking.
For example, an email might say your bank account has been hacked and you need to click right away and enter your information so the bank can get your money back. Maybe you see a post on Facebook saying you could win the lottery or get a brand new expensive tech gadget for free.
Perhaps it’s a political post that asks you to sign a petition against something that makes you angry. And don’t forget the ever-popular promise of racy images or video on the other side of a link.
If you find yourself on the verge of reacting out of emotion, take a second and really think about why you’re doing what you’re doing. You might realize that you’re being manipulated. And we’re about to tell you how you can know for sure.
3. Does the link look right?
Web links follow certain rules, which means you can often tell at a glance if one is on the up-and-up. The biggest tip-off is the domain name. For example, the domain name of our site is “komando.com.”
It might have a prefix, such as “www.komando.com,” “news.komando.com,” or “station-finder.komando.com.” Or it might have a suffix, such as “komando.com/tips” or “komando.com/happening-now.” But no matter what, that’s going to be the centerpiece of any link on our site.
So, if you get an email claiming to be from Komando, but the link is “www.somethingelse.com/this-is-fake” or even “komando.somethingelse.com/also-fake” or “somethingelse.com/komando,” you know something is up.
Sometimes this can get a little tricky. For example, occasionally Amazon will use aws.com for links to Amazon Web Service, but on the whole, it’s a good thing to check. However, there are a few more tricks hackers like to pull.
Earlier we mentioned search engine poisoning where hackers get malicious links to the top of a search results page. If you’re doing a Google search, look just below the page title in the search results to see where the link is coming from. If you’re looking for a page on one company’s site, and the link is to another site, then proceed with caution.
Another trick is that the text of a link and the link itself don’t have to be the same. In an email or online, you can hover your mouse cursor over a link and then look down in the lower part of the screen to see what the link really is. You can also right-click on the link, choose “Copy link” or “Copy link address” and paste the link into a word document to see what it really is.
Sometimes you’ll run into shortened links, especially on Facebook and Twitter. These are often legitimate links, but it will just show bit.ly/123456 or goog.le/123456. Grab an extension for your browser that un-shortens these so you can see where they’re really taking you.
Of course, sometimes it helps to get a second opinion.
4. Is there a second opinion?
Sometimes when you’re in a rush, you don’t always check links as thoroughly as you should. Or maybe you think a link in a Google search or on a website is bad, but you aren’t sure.
Most security companies have software that watches links and lets you know if they don’t go where you think, or if other people have reported them as being a problem. Check your security software to see if it has this option that you can enable.
5. What’s on the other side?
If you’re even a little suspicious of a link, you shouldn’t click on it. Better safe than sorry. And if it’s information you really need, you can usually visit a company’s site directly to find it, or look it up in a Google search.
However, sometimes you’ll click on a link and wind up in a place that sets off alarm bells. Maybe the site isn’t the company site you were expecting, it looks like it was thrown together, or it pesters you to enter information you know you shouldn’t give out.
Remember, it’s always OK to walk away. Close the browser tab and go find the information somewhere else.
Of course, some sites will attack your computer as soon as the page loads. You might not have a chance to leave before the damage is done. Learn how to make your browser hacker-proof to keep that from happening.