Common advice for secure web browsing is that you should only click on links that you trust. That’s easy for us computer scientists to say, we understand how links work and what a normal one looks like. But how can you identify a dangerous link?

The domain name: 

This is probably the easiest one to check. A domain name like www.paypal.com is recognized and trusted. But how easy would it be to click a link that says www.pay.pal.com or www.payppal.com? People buy these domain names because they know they’re similar looking and people may not check twice. Someone could send you a link to pay them, and you’re then redirected to log into your account. You put in your credentials and it fails. Why is that? You’re not on paypal.com, you’re on a site made to look just like it. You’ve been scammed. You could’ve prevented this if you had double checked the domain name. This applies to all links. Make sure it’s a name you’re familiar with.

Shortened links: 

Some links are very long, like this one "https://www.google.com/searchsafe=strict&client=ubuntu&hs=vZY&channel=fs&sxsrf=ALeKk00tyHf5jmP-FXEWH00MgN65lDm3Vw:1603987451580&ei=--eaX5PzIoqttQbJmouwBQ&q=cute+pictures+of+kittens+and+puppies&oq=cute+pictures+of+kittins+&sclient=psy-ab". Tools have been created to shorten these links. "shorturl.at/asABE" is the exact same link as above. It has been shortened by a free service. Hackers often have to put strange looking text in the links they send you, like evilSiteExampl.net?payload=. That looks pretty suspicious, so they’ll shorten it to hide the suspicious text. This is why you should be skeptical of shortened links. Keep in mind that URL shorteners are useful tools. So you can use them, just only click on them if you trust the person sending it to you.

Try to guess what a link does:

This is probably the hardest one to do, but it can be the most effective. If you get link from an unknown source, you should look for keywords in the link. Take the following link for example,

yourBank.com/account/makepayment?to=unrecognizedUser&amount=5000

If you are currently logged into your bank account, and you click that link, it will process the transaction of $5000 to unkownUser. You can actually see the logic of the link. Words like “makepayment” “to” and “amount” should put you off. Some URLs are very obscure with what they do but others can be read just as easily as this one.

Conclusion:

Hopefully this has armed you with some skills you can use. However, keep in mind, sometimes you just need to go with your gut and don’t click that link.