Categories
Computer & Network Security

How To Check A Sketchy Link Without Clicking It

Let’s say you’re working through your dozens of emails, responding to clients or customers or business partners and you come across this one email from your bank informing you that you need to reset your password. This email comes completely out of the blue and to top it off you don’t recognize the senders email address. Do you click it?

Maybe…maybe not.

Did you know that you can investigate if that link is sketchy or not without clicking on it?

When it comes to hyperlinks, sometime’s it’s really obvious it’s sketchy, but other times, in the case of look-a-like domains, it can actually be a bit tricky.

Here are a few things that make a link sketchy, when visibly looking at it.

  • Links that end in uncommon top level domains (TLD). Because the cost to purchase domains within these TLDs are pretty inexpensive, they are very frequently used for spamming and malicious activity. Aside from abc.xyz which is a web site owned by Google’s parent Alphabet I don’t know of any legit domains with these TLDs.

    • Commonly used for spamming/nefarious activity:
      • .xyz
      • .buzz
      • .live
      • .fit
      • .tk
  • Links that are knock-offs (known as look-a-like domains) of major brands. These are popular because the domain closely resembles that of real brands domains. Depending on how the URL looks in your browser and if you’re on a mobile device or on your computer, you may or may not be able to spot these very easily.

    • Examples:
      • netflix-mail[.]com
      • t-mogbile[.]com
      • googlre[.]com
      • secure-paypal.com.fraud.hmmmm[.]com

      Note, these domains may or may not be valid at the time of you reading this

  • Links that contain random numbers and/or letters. These are pretty obvious. Not all are malicious, however, anytime I see a url like this I immediatly get suspicious. It’s not a trustworthy link in my opinion and should be investigated further.

    • Examples:
      • eqbqcguiwcymao[.]info

There is definitely no shortage of URL and website scanners out there. I’ve tried dozens of them. None of them seem as good to me as URLscan. It’s fast, extremely detailed, provides a live screenshot and it allows you to link out to other scans to check them as well.

URLScan – https://urlscan.io

My go-to move with any sketchy links is to pop them into URLScan and see what comes up. To do that, just head on over to https://urlscan.io. Then just simply copy and paste the link you want to scan into the scan field. Once there you can also click Options and make your scan Private, which sometimes is nice to do, since Public scans will show up on the front page and in searches.

Now that you have your link pasted in, click Scan! Once URLScan is finished checking your link, doing it’s analysis and fingerprinting, it will bring you to a results page that looks something like this.

Note, this is an example results page of a known malicious site.

1. Live Screenshot. This allows you to visibly see if there might be anything weird going on with the site. This is good for sniffing out things like misspelled words on login pages.

2. Google Safe Browsing rating. This is a nice quick view of if the website is safe or potentially nefarious.

3. Lookup the URL with other scanners. The lookup tab allows you to pick any of a number of other website scanners. This can help you glean additional information about the site you’re scanning in case you’re still not sure about it. 


Browserling –
 https://www.browserling.com

Another great, free tool for investigating potentially malicious URLs and websites is browserling.com. This website allows you to enter in any URL and it will safely navigate to that website. You can then interact with that suspicious website just like you would in any other browser, but doing it this way is 100% safe. That’s because the browser is in a sandboxed environment and there’s no way for that malicious website to hurt your machine. With the free version you are limited to about 2 minutes, but that’s more than enough to do a quick peak at the website.

Caution when Clicking

It’s a bit cliche by now but, think before you click! It only takes a few minutes to pause, copy and paste the link into URLScan and check it out first before clicking.

If you’re at work and have an IT Department or Security Team, send it over to them and ask them to investigate it for you. It’s better to wait 10 minutes to get a link checked out than spend 10 weeks recovering from a security incident.

Additional Information

I did some googling on this topic and found some good articles related to suspcious and or malicious domains. The articles below go into much more detail on TLDs and their use for malicious or spammy activity. If you’re into the technical nitty gritty these would be great reads.

Categories
Compliance > Privacy

Data Privacy Laws and Cybersecurity: Navigating The 2023 Shift

Introduction

In 2023, the United States is witnessing a pivotal transformation in its data privacy laws, heralding a new era in legal frameworks and cybersecurity strategies. This shift, significant in its scope and impact, demands a reevaluation of how organizations approach data privacy and security compliance.

Recent Developments in Data Privacy Laws
  1. New State Laws and Amendments:
    • California Privacy Rights Act (CPRA): Enhancing CCPA with GDPR-like rights from January 1, 2023.
    • Colorado Privacy Act (CPA): Introducing data security mandates, effective July 1, 2023.
    • Connecticut Data Privacy Act (CDPA): Emphasizing data minimization and security from July 1, 2023.
    • Utah Consumer Privacy Act (UCPA): Prioritizing data security, effective December 31, 2023.
    • Virginia Consumer Data Privacy Act (VCDPA): Revising data processing rights from January 1, 2023.
  1. Emerging Trends:
    • Scope Consistency: These laws primarily target businesses within state borders or those engaging with state residents.
    • Consumer Rights Expansion: A growing trend towards empowering consumers with data access, deletion, and opt-out options.
Implications for Cybersecurity
  1. Enhanced Data Security: The evolving landscape necessitates robust cybersecurity measures to safeguard personal data.
  2. Risk Assessment and Compliance: Regular assessments for high-risk data processing underscore the need for continuous compliance.
  3. Legal and Financial Stakes: Non-compliance risks substantial legal and financial repercussions, with penalties reaching $50,000 per violation in some states.
  4. Diverse Regulatory Landscape: The variance in state laws presents a significant challenge for multi-state operations, requiring adaptable compliance strategies.
  5. Evolving Future Trends: With impending legislation in states like Maine and Massachusetts, the regulatory environment will grow, demanding agile cybersecurity responses.

2023 marks a watershed moment in U.S. data privacy law with profound cybersecurity implications. For organizations, the focus must shift to robust security measures, vigilant risk assessments, and a proactive stance on compliance. As the legal landscape evolves, staying informed and adaptable is crucial for effectively navigating these changes.

[For detailed insights on the evolving privacy laws, visit Reuters]

(https://www.reuters.com/legal/legalindustry/new-era-privacy-laws-takes-shape-united-states-2023-11-15/)