- Joined
- Jun 28, 2020
- Messages
- 6,311
- Reaction score
- 710
- Points
- 212
- Awards
- 2
Short links are one of the most common tools to attack. There is nothing easier than disguise a malicious site or a link to download malicious software with a link shortener, such as Bitly.
In this article, consider recommendations for checking and safely opening short
links. First of all, check where the hidden link leads. The site unshorten.it will help you in this.
(no AD) Its functionality is very simple: it lets you know where a short link leads without opening it.
Keep in mind that these services can log and store data, including end links with information that is valuable to you.
After receiving the final link, check it out on the VirusTotal
website. VirusTotal can be used as a browser extension to conveniently check suspicious sites in the future.
Unfortunately, this is not always an effective
solution. Sometimes attackers make an intermediate harmless site that hides a short link. In this case, the check will show that the site does not pose a threat, but after its opening in the browser, you will be redirected to the final malicious site.
And VirusTotal itself often can not recognize the threat, because, if there is suspicion, run the site in a virtual environment or sandbox.
If you don't have a virtual environment as a temporary solution for browsing sites, you can use the Browserling.comservice.
But it is strongly discouraged to open pages containing private information there, as all your actions and data can be collected and
stored.
Don't forget that some short link services collect statistics about the users who opened
them. Usually it is a general statistic, less often - geolocation data, but there are services that allow the creator of the link to get even IP addresses of those who crossed it
In this article, consider recommendations for checking and safely opening short
links. First of all, check where the hidden link leads. The site unshorten.it will help you in this.
(no AD) Its functionality is very simple: it lets you know where a short link leads without opening it.
Keep in mind that these services can log and store data, including end links with information that is valuable to you.
After receiving the final link, check it out on the VirusTotal
website. VirusTotal can be used as a browser extension to conveniently check suspicious sites in the future.
Unfortunately, this is not always an effective
solution. Sometimes attackers make an intermediate harmless site that hides a short link. In this case, the check will show that the site does not pose a threat, but after its opening in the browser, you will be redirected to the final malicious site.
And VirusTotal itself often can not recognize the threat, because, if there is suspicion, run the site in a virtual environment or sandbox.
If you don't have a virtual environment as a temporary solution for browsing sites, you can use the Browserling.comservice.
But it is strongly discouraged to open pages containing private information there, as all your actions and data can be collected and
stored.
Don't forget that some short link services collect statistics about the users who opened
them. Usually it is a general statistic, less often - geolocation data, but there are services that allow the creator of the link to get even IP addresses of those who crossed it