Every day, malicious websites and attachments try to trick you into downloading their dangerous payload.
Fortunately, there are websites and tools to help you determine what’s safe and what might be a trap designed to steal personal information and money.
Hackers are cleverer than ever, which means it’s only getting harder to spot a malicious site or file. How many of us have received a bogus email about a product we know we never ordered?
With a bit of knowledge, some scams are easy to spot. For example, when I get a call from a “Microsoft rep” who claims my PC reports that it’s laden with malware and needs to be fixed, I know it’s a scam. Microsoft never makes support calls out of the blue; you must place the first call to its help center.
But knowing whether an email or website link will take me down the rabbit hole is much more difficult. Here are some helpful tools and tactics for revealing often well-disguised threats.
Getting help from online security sites
Before I discuss sites, let me suggest that you don’t want to check suspicious links from the browser (or browsers) you use every day. Seriously consider setting up either a virtual-PC system or a dual-boot configuration for testing suspect links and files. Virtual machines are easy to establish by using Microsoft’s Hyper-V, Oracle’s VirtualBox, or VMware. Just remember: To be legal, the second machine needs to have its own, valid license.
Next, you’ll want to bookmark several websites that let you upload malicious files or enter the URL for a suspect site. Sometimes, these security sites will tell you that the malicious link is known by antivirus companies; but sometimes, they also highlight that antivirus software doesn’t always flag malicious items.