Open Menu
AllLocalCommunitiesAbout
lotide
AllLocalCommunitiesAbout
Login

How to check whether a particular url is safe or not ?

⁨37⁩ ⁨likes⁩

Submitted ⁨⁨3⁩ ⁨weeks⁩ ago⁩ by ⁨Docker@lemmy.world⁩ to ⁨[deleted]⁩

source

Comments

Sort:hotnewtop
  • coherent_domain@infosec.pub ⁨3⁩ ⁨weeks⁩ ago

    In general only click on a link if you trust the domain. A URL usually looks like this: first.second.third…

    And be very careful, only the second and the thrid word between dots count.

    For example: suspicious.google.com is in general fine, since the second and third word is google.com . However, lemmy.legit-lemmy.world is unsafe, because the second and thrid word are legit-lemmy.world, but not lemmy.world.

    There are ways to smuggle unsafe asset under legit URL, usually by uploading them on google drive, github etc. The good rule of thumb is to never run anything on your computer unless you are absolutely sure it comes from trusted source, like official website.

    source
    • Successful_Try543@feddit.org ⁨3⁩ ⁨weeks⁩ ago

      Recently it has become a problem that optical twins of legit URLs exist, where some letters have been replaced by alike letters from different alphabets, see e.g. the list in this link.

      source
      • tyler@programming.dev ⁨2⁩ ⁨weeks⁩ ago

        I’m pretty sure ff shows punycode automatically. I’ve never had to touch it at least and I get punycode.

        source
        • -> View More Comments
      • joshchandra@midwest.social ⁨3⁩ ⁨weeks⁩ ago

        Dang. Is there an equivalent Firefox add-on that checks for this stuff?

        source
        • -> View More Comments
      • Docker@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

        social

        How can the configuration be done on the Android phone ?

        source
    • gofsckyourself@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

      Definitely don’t click on links like this one: trustmethisisnotascam.com

      source
  • FistingEnthusiast@lemmynsfw.com ⁨3⁩ ⁨weeks⁩ ago

    Open it on your work computer like I do, to avoid problems with my personal device

    source
    • Zachariah@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

      this one trick IT hates

      source
  • Peter_Arbeitslos@feddit.org ⁨3⁩ ⁨weeks⁩ ago

    virustotal.com can help at least somewhat.

    source
    • Peter_Arbeitslos@feddit.org ⁨2⁩ ⁨weeks⁩ ago
      • Norton Safe Web
      source
  • NutinButNet@hilariouschaos.com ⁨3⁩ ⁨weeks⁩ ago

    You can check URLs and files at virustotal.com for free.

    If you have Windows 10/11 Pro and your computer supports virtualization, you can enable the Windows Sandbox in Windows Features too. This creates a temporary virtual machine with the bare essentials and no antivirus built in for testing stuff like this to see what the worst case scenario is if you visited/accessed.

    source
    • Docker@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

      I work on my small Samsung Android phone. Is there any means of creating a sandbox here ?

      source
      • NutinButNet@hilariouschaos.com ⁨2⁩ ⁨weeks⁩ ago

        I’m not familiar on that platform, unfortunately, as I’m on iPhone.

        But I think you should still be able to use virustotal’s website on mobile to check websites and also files.

        There may be a sandbox app available for Android, but I’m not aware of any particular ones to recommend.

        source
  • scytale@lemm.ee ⁨3⁩ ⁨weeks⁩ ago

    Someone else already mentioned it, but virustotal can check if the url is malicious. It’s not 100% of course but more often than not it will catch a malicious url. It’s a quick and easy way to check on-the-fly.

    source
  • Nurse_Robot@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

    Use a friends computer

    source
  • joshchandra@midwest.social ⁨3⁩ ⁨weeks⁩ ago

    From gentlest to strongest intensity:

    • URLCheck
    • AdNauseam
    • NoScript

    I use all 3.

    source
  • lemmyingly@lemm.ee ⁨3⁩ ⁨weeks⁩ ago

    If it’s a website use a website preview online service.

    source