“Is This Link Safe?” Here Are A Few Quick Tips

😨 “Is this link safe?”

Ever open up an email and ask yourself “Is this link safe?”  Or maybe you’re browsing a forum and see a URL that doesn’t seem quite right to you.

If you’re using DNS filtering software and are blocking all threat categories, you shouldn’t have to worry about questions like this. But in case you find yourself on an unprotected website and are face-to-face with a link you aren’t sure you trust, here are a few tips to keep in mind when encountering any suspicious URLs.

🙅‍♀️ Don’t click anything

The simplest advice for noticing a suspicious link is to simply not click it. However, sometimes it’s too late. If you find yourself on a website you’re uncertain about, back away. Close the tab or hit the back button. Return to safety.

If you’re in the US, you can submit any possible phishing sites you find to CISA. If you’re using DNS filtering software, you should also submit the site to them so they can categorize and block the site. DNSFilter customers can do this under our Domain Lookup tool. We’ll go over how to use that in a bit.

🔒 Change your passwords

Let’s imagine you click an ad for a retailer. They’re advertising a sweatshirt that you love, and you decide to see how much it costs.

The price is reasonable, so you add it to your cart and begin the checkout process. But unfortunately, you don’t get a bad feeling about the website until after you’ve created an account and entered some information.

If you created an account using a common password you use regularly, change the password on all of those accounts that share that password. Second, stop using the same password for everything! Reusing passwords is a security risk, as it means hackers need to do less work to unlock your digital accounts.

Additional recommendations:

• Enable two-factor authentication (2FA)
• Use a password manager that can generate complex, unique passwords for every site.
• Change your passwords regularly (this is again where a good password manager can help)

💳 Report any security incidents to your credit card provider

Let’s go back to that online retailer scenario. But this time, instead of backing out before you finalized your order, you actually entered your credit card information.

You should do the same thing here that you would do if you fell for a phishing scam asking for a charitable donation: Report the incident to your credit card provider.

In this instance, you should let them know the amount you paid along with the date and time and ask for your credit card to be canceled. You should get a new one in the mail in a few days if they act quickly enough.

Examples like the malicious retailer will never send you your goods and are only out to steal your credit card. Phishing scams vary; sometimes they’re looking to hook you in for a one-time payment, and others might save that credit card information to use in the future.

The safest thing to do in these cases is cancel your card, report the incident, and follow the steps in the two previous sections.

🔍 Use a domain lookup tool

Sometimes, even if you’re using filtering software, you might find yourself unwilling to click on a link until you know it’s safe. Or, maybe you’re just looking for some extra context around why a particular link is blocked.

If you’re someone who loves getting into the details, you’ll appreciate DNSFilter’s domain lookup tool.

DNSFilter customers who want to check on a domain can go to the Domain Lookup section in the app.

Once you enter the domain, you’ll get a list of categories as well as an indication if it is a threat.

When a site is a categorized as a threat, you’ll get a report that looks like this:

This is an actual site mimicking PayPal that we’ve found through our AI Webshrinker. You can see that it falls into threat categories. We use domain greylisting to block domains that are newly registered as a large number of newly registered domains are often used for malicious purposes.

Ready to stop asking yourself “Is this link safe?” Get a free trial of DNSFilter and block phishing threats in real-time.

‍