The third chapter of URL investigation and prevention series will be on how to investigate URL in details to prevent internet scam. This chapter basically teaches you on how to deal with URL that sent to you carefully in order to avoid you from falling into the consequences of a dangerous URL.
Everyday you receive emails and messenger messages which contains URL from friends and also unknown sender. The best method is of course to not click on any of them, but what about URL from your friends and family? You can’t avoid all the URL, can you? At certain occasion, you might have to put a click on those URL and below is how you do it the right way.
Things to do when you received a URL
First and foremost, it is important to know whether the URL is malicious or not. If it is a malicious URL, you can forget about visiting the site already. Unless you are really curious and wanted to know what happen after visiting it, you can try using a virtual machine instead so that it will no harm your actual computer. Question is, how do you know whether the URL is malicious?
There is one site called Virus Total and you can submit the URL that you are going to visit a check for any malicious threat. Virus Total is not only capable of scanning URL, but it also can scan your executable files and it is always good to send your file there before executing it. It will use more than 30 antivirus around the world to perform a scan on your file or URL.
Get the actual URL
The first step is to investigate whether it is a malicious site. The second is to analyze the URL whether it will lead you to a phishing site where the actual URL is not what it appears to be. For instance is the URL below where I am going to ask you to click on the URL below to go to the Google main site.
Click to go to http://www.google.com
- Open your notepad now by going to “RUN” and type “notepad.exe”.
- Right-click on the URL above and click “Copy Link Address”.
- Paste the address into your notepad.
You will see that the actual address is my blog’s homepage instead of Google’s homepage. This is called a simple URL manipulation. It is not rocket science and you can do it too. But how many out there actually copy the URL and check? The URL can easily lead you to a phishing site if you don’t investigate the URL in details.
Execute the URL in a Sandbox
This is pretty optional because not everyone has a Sandbox. But if you do, you can run the site inside the Sandbox so that the malicious software will not infect your computer. A Sandbox is basically an environment that is separated from your actual operating system where you can run your malicious software there and forget about it after closing it. Therefore, if you are not confident with the URL that you are going to visit but insists of visiting it, just use a Sandbox.
Make your decision wisely
The result of analyzing the URL is to come out with a conclusion whether you should visit the site and play along with it until the end. I can’t really teach on how to be wise, but there are few points that I would like to point out here to help you in making the decision.
- Do not visit the website if it is reported as malicious site.
- Do not visit the site if the actual URL is not legitimate.
- Do not click on the URL when you see it in the first place whether it is from email or messenger. Analyze first.
- Follow the point above whether it is your friend, family, relative, foe or stranger that send you the URL. Your friends or family might be the one infected and start spreading without realizing it.
- If the message of the URL says URGENT or any other words that has to do with IMMEDIATELY REPLY, don’t play along with it.
- If you feel something is not right about the site, stop right there find the owner of the site to make a report. Don’t be shy because security comes first.
The entire guide of this post should be sufficient to analyze a link before visiting them. You should be able to know what you are dealing with, where you are going to and also be able to predict the outcome. If you are careless and fell for the trap, you might just end up as what I had mentioned in the second chapter of this series.
My next chapter which is the last chapter of this series is going to be the 1o ways to get your computer infected with Malware. Do subscribe to this blog if you don’t want to miss my URL investigation and prevention series.