Is it SAFE?

Before I click on any link or open a file attachment sent to me via email, I have Déjà vu of the 1976 movie Marathon Man, where Dustin Hoffman was continually asked 'Is it safe?' while being tortured. While clicking on an email link may not be as physically painful, the angst involved can be just as real.

So, how does one determine if a link or file is safe?

• First is this email from an entity or person you know?  If not, DELETE!
• If it is a file, were you expecting a file?  If not, DELETE!
• Is it a shortened URL (like those sent via Twitter or in text messages)?  DELETE!
• If it is a link, do you really need to click on that link, or is it just another cat video on YouTube? DELETE (ok, I enjoy ICanHasCheezeburger as much as the next guy, but I type in the web address for my fix)
• If the email is from a financial service provider (bank, Schwab, etc) - the first choice is to open your browser and type in their web address (or use a previously saved shortcut) - or even better, use LastPass to open the website and log you in.

Step 1: Copy the link to your clipboard. To do this, hover your mouse over the link and then RIGHT CLICK (emphasis on RIGHT mouse button click) on the link and select 'Copy'.

Step 2: Open your browser and go to: https://www.virustotal.com
Step 3: Select the URL tab in the center, then click in the 'Search…' box and either press 'CTRL-V' to paste the link you just copied or, right click and select 'Paste…' and then press the ENTER key.

Virus Total (a Google company spinoff) will then check that link against 4+ dozen different scanners. If they do not all come back as ‘Clean’ (the number in the upper Left should be ZERO)– then…DELETE!

For a file attachment do the following:

Step 1: Save the file without opening it to your computer. How you do this can vary based upon your email program, provider – for some, there is a small arrow you click on and select ‘Save As’. In Gmail, if you hover your mouse over the filename, the image will change and a down-arrow will appear to Download the file. Select a location and save the file but DO NOT open it.

Step 2: From the Virus Total website select ‘File’, then click on the ‘Choose file’ button.

When you click on ‘Choose file’ a dialog box will open where you can find and select the file. Click on ‘Confirm Upload’.

After the file is uploaded, Virus Total will check it using 50+ different scanners. If the number in the upper left is not ZERO, then DELETE!

Another useful tool/website that I use for checking links is called URLScan (https://urlscan.io). This works in the same manner as VirusTotal, but it also will show you a thumbnail of the webpage which can be helpful as well as a lot of the technical info to tell what this site is really doing.  

Paste the link into the search box and then click on ‘Public Scan’

The results are really geeky and technical and will look like the following –

This tool contains a lot more technical info that may not be as helpful to most, so start with VirusTotal and if you still have concerns, check it on URLScan.

If this seems a bit inconvenient…it is. That is the nature of security. But the consequences can be much worse.

If a link is not worth the trouble of taking 30 seconds to scan it with VirusTotal, can it really be that important?