News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Which security sites are good for checking suspect URLs before clicking on them?

    Posted on OscarCP Comment on the AskWoody Lounge

    Home Forums Outside the box The Junk Drawer Which security sites are good for checking suspect URLs before clicking on them?

    Viewing 6 reply threads
    • Author
      Posts
      • #1987930 Reply
        OscarCP
        AskWoody Plus

        I am not sure if this the correct place for this topic; if there is another forum that is more appropriate, please moderators, move it there. Thanks.

        Today I received an email allegedly from Medicare. It looked perfectly the same as other such emails, except there was something slightly unusual in the text, where it mentioned how much my monthly  Drug Medicare insurance costs this year and how much it will cost next. According to the email, it twill cost a few more dollars per month. This was followed by a large green button to click on in order to go and see what alternative insurers would be charging and, if I saw it to my advantage, change to a different plan during this Open Enrollment Period that, as usual is taking place in the last part of the year. Nothing wrong with any of that, but when I hovered the cursor over the button, the URL was “lnks.gd/l/followed by a long helping of alphabet soup.

        So I entered the “lnks.gd” part in Google search and also, later, in DuckDuckGo  and got several hits that  were links to several (allegedly) security places that would look into the domain for possible infected sites attached to it. I tried “Norton” and got an all clear. Great!?

        Then I found, searching with the keyword “phishing”, the following link:

        7 Quick Sites That Let You Check If a Link Is Safe

        which I think is legitimate, and it has a list of different services it recommends. I tried the Google one, and it also gave the domain the “all clear”.

        Now, the question: which site (not necessarily listed there) is a good one to check a domain when one gets an even remotely suspicious-looking email with URL links that say “click me”?

         

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

      • #1988771 Reply
        PaulK
        AskWoody Lounger

        Off topic. Not directly addressing your questions, but …
        1 – Domain root gd is Grenada. Why would a company registered there have an interest in US drug premiums? Maybe innocent.
        2 – For Medicare information, I would either look at the Medicare & You book, or start drilling down at https://www.medicare.gov/ . Research is free,  one need not register.

        1 user thanked author for this post.
      • #1988772 Reply
        Bluetrix
        AskWoody MVP

        You could try:

        https://safeweb.norton.com/

        Check if a Website is Malicious/Scam or Safe/Legit | URLVoid

        https://cleantalk.org/blacklists

        Searching for information anything Medicare relate:

        Medicare.gov

        1 user thanked author for this post.
      • #1989855 Reply
        anonymous
        Guest

        ? says:

        have you run the header through a spam email header reader?

        https://www.iptrackeronline.com/email-header-analysis.php

        https://mxtoolbox.com/EmailHeaders.aspx

        https://mailheader.org/

        after you get the real ip address (the starred one on iptrackeronline) run the number through speedguides ip locator

        https://www.speedguide.net/ip/

        1 user thanked author for this post.
        • #1995852 Reply
          Bluetrix
          AskWoody MVP

          ?

          Thanks for the reminder.

          I forgot about SpamCop

          I haven’t had any spam (none worth reporting) in over a year. Prevention takes a while once your E-addy is out there, it’s worth the effort though.

          If you copy your email headers you can enter them using the Report TAB at SpamCop. You don’t have to be a member to have the headers parsed to find the originating source, then click “Report Spam” and off goes an email to the domain as anon. I never sent a report to any ISP located in China. I think you can report 10 or so for free, but parsing is unlimited (iirc). I’m a member and haven’t used them in a while. Actually forgot about them once my spam slowed to a crawl, to now almost none. 1-3 a month, and those are harmless as they go to my throw-away address.

          • #1995972 Reply
            OscarCP
            AskWoody Plus

            Thanks, Bluetrix.

            Same as you, I don’t get much spam, only from a few companies I have had business with more or less recently, and those I can unsubscribe, although I find more satisfying to trash them. One curious case is Intel: some years ago, I bought a couple of pricey software compilers from them and, ever since, they have been mailing me a sort of newsletter on IT developments they believe that such an up-and-coming executive as myself cannot possibly live without. No idea where they got their amusing idea of my actual career and position; they certainly are not discouraged by my complete lack of response. But I get a kick out of it, every time I receive one of those.

            Such emails do not worry me, because they are few and far apart and I know they are 100% legitimate commercial spam. I always trash them unread, anyway.

            Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

      • #1989865 Reply
        CADesertRat
        AskWoody Plus

        Today I received an email allegedly from Medicare. It looked perfectly the same as other such emails, except there was something slightly unusual in the text, where it mentioned how much my monthly  Drug Medicare insurance costs this year and how much it will cost next. According to the email, it twill cost a few more dollars per month. This was followed by a large green button to click on in order to go and see what alternative insurers would be charging and, if I saw it to my advantage, change to a different plan during this Open Enrollment Period that, as usual is taking place in the last part of the year. Nothing wrong with any of that, but when I hovered the cursor over the button, the URL was “lnks.gd/l/followed by a long helping of alphabet soup.

        It’s Open Enrollment time and you must have a Medicare account. I got the same email with the same type of link only it was to my Medicare account to start choosing a different Pt D plan since mine is going through the roof.

        If your leery, just go to Medicare’s site.

        Don't take yourself so seriously, no one else does 🙂
        4 Win 10 Pro at 1909 (3 Desktops, 1 Laptop).

        1 user thanked author for this post.
        • #1991061 Reply
          wavy
          AskWoody Plus

          OK ofoff topic but how much> GF has this.

          🍻

          Just because you don't know where you are going doesn't mean any road will get you there.
          • #1991069 Reply
            CADesertRat
            AskWoody Plus

            OK ofoff topic but how much> GF has this.

            How much what, Wavy??? Not sure I understand your question.

            Don't take yourself so seriously, no one else does 🙂
            4 Win 10 Pro at 1909 (3 Desktops, 1 Laptop).

      • #1995853 Reply
        Kirsty
        Da Boss

        @oscarcp I suggest you look back to your earlier topic on whether emails are spoofed or genuine:
        https://www.askwoody.com/forums/topic/an-intriguing-perhaps-faked-and-dangerous-email-from-apple/

        It really would make emails a fraction more secure if senders such as government agencies/departments, businesses and NGO’s took the bother to provide digitally signed emails in the first place. Then you would be the assurance that a) the email address that sent the email wasn’t spoofed, and b) that the contents hadn’t been altered mid-stream (as occurs in some invoice payment scams). It puts me right off receiving emails from such organisations that don’t take the receiver’s security seriously!

        • #1995864 Reply
          OscarCP
          AskWoody Plus

          Kirsty,

          Thanks, good thinking. I forgot about that early incident, back in March, and that thread I started about it, although in that case the email was obviously a fake most likely sent with malicious intent. Some good ideas there, too.

          Fortunately for me, so far there are just a few organizations that, like Medicare, send me regular emails and newsletters, so, if in doubt, I can always check by logging into my accounts with them. Those of unusual origin, I can check with some of these online verification sites, or trash them right away, depending on what they look like in the preview panel. I hope the advice given here and in that other thread can be useful not just to me, but to others as well, as many of us are recipients, now and then, of dubious emails: emails that, somehow, don’t seem right.

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

          1 user thanked author for this post.
      • #1995973 Reply
        irelam
        AskWoody Lounger

        Take a look at Surbl, it has an in-house app, or you can put together a small web app that will act as a client of Surbl.

        Martin

        • #1996311 Reply
          Kirsty
          Da Boss

          I suspect many would consider SURBL to be outside the day-to-day realm of most “average” users:

          How
          Using SURBLs requires a mail filter that can extract web sites from message bodies and check them against the lists. Many applications support SURBLs, including SpamAssassin and filters for most major MTAs including sendmail, postfix, qmail, exim, Exchange, qpsmtpd and others.

    Viewing 6 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Which security sites are good for checking suspect URLs before clicking on them?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.