Before I click on any link or open a file attachment sent to me via email, I have Déjà vu of the 1976 movie Marathon Man, where Dustin Hoffman was continually asked 'Is it safe?' while being tortured. While clicking on an email link may not be as physically painful, the angst involved can be just as real.
So, how does one determine if a link or file is safe?
- First is this email from an entity or person you know? If not, DELETE!
- If it is a file, were you expecting a file? If not, DELETE!
- Is it a shortened URL (like those sent via Twitter or in text messages)? DELETE!
- If it is a link, do you really need to click on that link, or is it just another cat video on YouTube? DELETE (ok, I enjoy ICanHasCheezeburger as much as the next guy, but I type in the web address for my fix)
- If the email is from a financial service provider (bank, Schwab, etc) - the first choice is to open your browser and type in their web address (or use a previously saved shortcut) - or even better, use LastPass to open the website and log you in.
Step 1: Copy the link to your clipboard. To do this, hover your mouse over the link and then RIGHT CLICK (emphasis on RIGHT mouse button click) on the link and select 'Copy'.
Step 2: Open your browser and go to: https://www.virustotal.com
Step 3: Select the URL tab in the center, then click in the 'Search…' box and either press 'CTRL-V' to paste the link you just copied or, right click and select 'Paste…' and then press the ENTER key.
Virus Total (a Google company spinoff) will then check that
link against 4+ dozen different scanners. If they do not all come back as
‘Clean’ (the number in the upper Left should be ZERO)– then…DELETE!
For a file attachment do the following:
Step 1: Save the file without opening it to your computer.
How you do this can vary based upon your email program, provider – for some,
there is a small arrow you click on and select ‘Save As’. In Gmail, if you
hover your mouse over the filename, the image will change and a down-arrow will
appear to Download the file. Select a location and save the file but DO NOT
open it.
Step 2: From the Virus Total website select ‘File’, then
click on the ‘Choose file’ button.
When you click on ‘Choose file’ a dialog box will open where
you can find and select the file. Click on ‘Confirm Upload’.
After the file is uploaded, Virus Total will check it using
50+ different scanners. If the number in the upper left is not ZERO, then
DELETE!
Another useful tool/website that I use for checking links is
called URLScan (
https://urlscan.io). This
works in the same manner as VirusTotal, but it also will show you a thumbnail
of the webpage which can be helpful as well as a lot of the technical info to
tell what this site is really doing.
Paste the link into the search box and then click on ‘Public
Scan’
The results are really geeky and technical and will look
like the following –
This tool contains a lot more technical info that may not be
as helpful to most, so start with VirusTotal and if you still have concerns,
check it on URLScan.
If this seems a bit inconvenient…it is. That is the nature
of security. But the consequences can be much
worse.
If a link is not worth the trouble of taking 30 seconds to
scan it with VirusTotal, can it really be that important?