link safety

How to avoid malicious hyperlinks and practice link safety

SHARE

How to avoid malicious hyperlinks and practice link safety

used with permission from Tektonika (HP)

malicious links phishingWhether it’s in reference to an interesting article or information on a great new restaurant, “send me the link” is a commonly used phrase in the internet era. This is equally true in professional circumstances, where coworkers communicate and collaborate as a part of their jobs. In today’s threat-filled environment, where large and small businesses alike are facing unprecedented cybersecurity attacks, link safety is an essential part of employee security training.

CyberEdge Group’s 2019 Cyberthreat Defense Report found that 78 percent of networks had been breached in the previous year and that malware, ransomware, and spear-phishing “cause the most headaches.” In a separate study, risk advisory firm Willis Towers Watson found that 90 percent of breaches were enabled by human error. Any seasoned IT pro worth their salt knows how to recognize malicious links, but the average employee likely does not, and one wrong click can have devastating consequences.

Basic employee security training generally involves coaching employees on picking out suspicious attachments, but that training is incomplete unless link safety is also on the agenda. Emails with malicious links are just as much of a threat as emails with malicious attachments. There are a number of tips and tricks to keep in mind when trying to determine whether a link is safe.

What to look for—and avoid—in a link

When it comes to link safety, context is key. The contextual factors of a link provide key clues as to whether it’s safe, so start by asking these simple questions.

First, does it come from a trusted contact or domain? Do you know who sent it? Next, consider whether the link was expected and if the message attached to it makes sense. Does the message include a signature? Are there frequent spelling or grammatical errors in the message? If a link seems out-of-the-blue, unsolicited, or out-of-character coming from the sender, it’s wise to be wary. For instance, if you receive an unsolicited email from your bank asking you to verify your account information by clicking on a provided link, go directly to your bank’s website instead and check there for any notifications.

After considering the context, look for information within the link itself. Does it include a misspelled name of a trusted site? Our eyes tend to scan online information quickly and may not pick up if two letters are reversed or if there is an extra letter, so examine the link carefully. If the link is much longer than it should be or has many odd characters, steer clear. Hackers like to use URL encoding to mask harmful content in links.

Review the full link

One tip for examining a link is to hover over it with your mouse and view the full URL before clicking. Chrome and Firefox, for example, display the hovered-over URL in the bottom left corner of your browser window. You can also right-click a link and select “inspect” to view the full URL. If you’re on a mobile device, try tapping and holding a link—from the resulting options, you should be able to view the URL or copy it, at which point you can paste it into a text field to see it.

Shortened links can also be red flags. Phishers and malware distributors use them to hide where their links actually lead. A site like CheckShortURL can show you the full link before you click. Another valuable tool for ensuring link safety is a link checker. Services like Norton SafeWeb, Google Transparency Report, URLVoid, and ScanURL can check a link against their records to help you gauge its legitimacy.

Beyond clicks

Beyond the links themselves, there are additional security steps that individuals and organizations can take to ensure link safety. Keeping all of your anti-malware and antivirus software up-to-date is a big one. Every employee, whether they work in IT or not, can protect themselves and their employer by researching and supporting up-to-date network security that auto-filters user activity against threat databases. Every endpoint matters, so investing in devices with embedded security capabilities, like HP printers, can contribute much to the security of the entire network. In the event of an attack from a malicious hyperlink, self-healing printers can help to keep your print environment up and running.

Finally, in addition to offering link security training, it can be a good idea to review the characteristics of a safe website with your colleagues. If an employee does wind up somewhere suspicious, they should know to look for clues like the encryption icon in the URL bar, Trust Seals, and legitimate organization details like addresses and contact info.

Armed with these simple tips and some healthy skepticism, anyone can identify and avoid dangerous links on the web.

Don’t panic, but stay informed

Dropper developers may be smart, but cybersecurity companies like eMazzanti are smarter. We can help keep your devices and data safe through expert consultation, management, and crisis control. Contact us today to learn more.

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

sb-cyber-security-master-class

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Watch On-Demand

SESSION 6: Threat Detection | JAN. 15

Microsoft Copilot
Master Class Workshop

sb-microsoft-copilot-master-class

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

RESOURCES

Cyber Security Awareness Hub

sb-Cyber-Security-Awareness-Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.

Resource Library

sb-resource-library

Insights to help you do what you do better, faster and more profitably.

> Tips to Stay Protected Against Phishing Attacks

> Understanding Ransomware 

> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them

> Practical Advice for Avoiding Phishing Emails

Recent Articles

NEWSLETTER

Categories