Cyber security should be one of the top concerns for any individual who spends part of their day interacting digitally. Cybercriminals are becoming more sophisticated and even savvy techs can sometimes fall prey to their tactics. More users than ever are becoming wary of common techniques such as spoofing and phishing through their email accounts, but malicious URLs can pose just as big a threat as their more well-known counterparts.
These URLs can be delivered via email, text message, pop-ups or other suspicious advertisements. Once clicked, they can result in downloaded malware, spyware, ransomware, and even compromise your accounts. The reality is that it is impossible to truly see what is hidden behind the display of a file or link just by looking at it. Education and awareness that teach the red flags of suspicious content can do a lot to protect consumers, even reducing the likelihood of them falling for a phishing campaign by as much as 70%.
But as these attacks get more sophisticated, it becomes increasingly evident that the best way to combat these malicious technologies is with technology itself. This is especially true in light of a recent report that found that 40% of malicious URLs that were identified were located on good domains. This means that legitimate websites are vulnerable to being compromised, leading to their unwitting hosting of malicious content. This is a problem that affects all parties impacted.
Education is the first line of defense, but for these malicious URLs that are located on legitimate sites, security solutions would need URL-level visibility or domain-level metrics to get an accurate picture of the degree of danger. And even less-sophisticated URLs pose a threat. Another study found that up to 10% of individuals would click on a link that is located in an obviously fake email.
Once detected, malicious emails can be blocked, but there are techniques that cybercriminals can use to get around these protections too. While machine learning applications and artificial intelligence are getting better at parsing out which emails and URLs contain malicious content, this solution is also still imperfect.
The best solution currently is to use an online tool that can analyse the file and data and report back to you if it is malicious. These only take a few seconds to use and can save you greatly in the event that it prevents you from accessing a file or site that installs malware, spyware or ransomware on your computer. And best of all – they are free to use.
Some of the top tools for checking the integrity of sites and files include:
- VirusTotal – Uses over 70 antivirus scanners and URL/domain blacklisting services. You simply paste a link in or select the file in question from its upload feature and it will tell you within seconds if it is safe or not.
- ScanURL – This independent website polls Google Safe Browsing, PhishTank and Web of Trust to provide information about a site along with a recommendation on whether it should be avoided or not.
- AVG LinkScanner – This site will check any links on a website to detect malware or other threats. Given AVG’s reputation in cybersecurity, this website is one of the most popular. In addition to checking user-submitted links, they also publish a top 5 list every week of the most infected sites.
- Google Transparency Report – Despite their recent gaffes concerning user privacy, Google does offer a reliable tool that can check the integrity of sites. Within seconds, its web crawlers can tell you if a site can be trusted or not.
