News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Which security sites are good for checking suspect URLs before clicking on them?

    Posted on OscarCP Comment on the AskWoody Lounge

    Home Forums Outside the box The Junk Drawer Which security sites are good for checking suspect URLs before clicking on them?

    This topic contains 12 replies, has 8 voices, and was last updated by  Kirsty 2 weeks, 5 days ago.

    • Author
      Posts
    • #1987930 Reply

      OscarCP
      AskWoody Plus

      I am not sure if this the correct place for this topic; if there is another forum that is more appropriate, please moderators, move it there. Thanks.

      Today I received an email allegedly from Medicare. It looked perfectly the same as other such emails, except there was something slightly unusual in the text, where it mentioned how much my monthly  Drug Medicare insurance costs this year and how much it will cost next. According to the email, it twill cost a few more dollars per month. This was followed by a large green button to click on in order to go and see what alternative insurers would be charging and, if I saw it to my advantage, change to a different plan during this Open Enrollment Period that, as usual is taking place in the last part of the year. Nothing wrong with any of that, but when I hovered the cursor over the button, the URL was “lnks.gd/l/followed by a long helping of alphabet soup.

      So I entered the “lnks.gd” part in Google search and also, later, in DuckDuckGo  and got several hits that  were links to several (allegedly) security places that would look into the domain for possible infected sites attached to it. I tried “Norton” and got an all clear. Great!?

      Then I found, searching with the keyword “phishing”, the following link:

      7 Quick Sites That Let You Check If a Link Is Safe

      which I think is legitimate, and it has a list of different services it recommends. I tried the Google one, and it also gave the domain the “all clear”.

      Now, the question: which site (not necessarily listed there) is a good one to check a domain when one gets an even remotely suspicious-looking email with URL links that say “click me”?

       

      Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

    • #1988771 Reply

      PaulK
      AskWoody Lounger

      Off topic. Not directly addressing your questions, but …
      1 – Domain root gd is Grenada. Why would a company registered there have an interest in US drug premiums? Maybe innocent.
      2 – For Medicare information, I would either look at the Medicare & You book, or start drilling down at https://www.medicare.gov/ . Research is free,  one need not register.

      1 user thanked author for this post.
    • #1988772 Reply

      Bluetrix
      AskWoody MVP

      You could try:

      https://safeweb.norton.com/

      Check if a Website is Malicious/Scam or Safe/Legit | URLVoid

      https://cleantalk.org/blacklists

      Searching for information anything Medicare relate:

      Medicare.gov

      Windows10 Home 1809 | Mint19 on VM

      1 user thanked author for this post.
    • #1989855 Reply

      anonymous

      ? says:

      have you run the header through a spam email header reader?

      https://www.iptrackeronline.com/email-header-analysis.php

      https://mxtoolbox.com/EmailHeaders.aspx

      https://mailheader.org/

      after you get the real ip address (the starred one on iptrackeronline) run the number through speedguides ip locator

      https://www.speedguide.net/ip/

      1 user thanked author for this post.
      • #1995852 Reply

        Bluetrix
        AskWoody MVP

        ?

        Thanks for the reminder.

        I forgot about SpamCop

        I haven’t had any spam (none worth reporting) in over a year. Prevention takes a while once your E-addy is out there, it’s worth the effort though.

        If you copy your email headers you can enter them using the Report TAB at SpamCop. You don’t have to be a member to have the headers parsed to find the originating source, then click “Report Spam” and off goes an email to the domain as anon. I never sent a report to any ISP located in China. I think you can report 10 or so for free, but parsing is unlimited (iirc). I’m a member and haven’t used them in a while. Actually forgot about them once my spam slowed to a crawl, to now almost none. 1-3 a month, and those are harmless as they go to my throw-away address.

        Windows10 Home 1809 | Mint19 on VM

        • #1995972 Reply

          OscarCP
          AskWoody Plus

          Thanks, Bluetrix.

          Same as you, I don’t get much spam, only from a few companies I have had business with more or less recently, and those I can unsubscribe, although I find more satisfying to trash them. One curious case is Intel: some years ago, I bought a couple of pricey software compilers from them and, ever since, they have been mailing me a sort of newsletter on IT developments they believe that such an up-and-coming executive as myself cannot possibly live without. No idea where they got their amusing idea of my actual career and position; they certainly are not discouraged by my complete lack of response. But I get a kick out of it, every time I receive one of those.

          Such emails do not worry me, because they are few and far apart and I know they are 100% legitimate commercial spam. I always trash them unread, anyway.

          Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

    • #1989865 Reply

      CADesertRat
      AskWoody Plus

      Today I received an email allegedly from Medicare. It looked perfectly the same as other such emails, except there was something slightly unusual in the text, where it mentioned how much my monthly  Drug Medicare insurance costs this year and how much it will cost next. According to the email, it twill cost a few more dollars per month. This was followed by a large green button to click on in order to go and see what alternative insurers would be charging and, if I saw it to my advantage, change to a different plan during this Open Enrollment Period that, as usual is taking place in the last part of the year. Nothing wrong with any of that, but when I hovered the cursor over the button, the URL was “lnks.gd/l/followed by a long helping of alphabet soup.

      It’s Open Enrollment time and you must have a Medicare account. I got the same email with the same type of link only it was to my Medicare account to start choosing a different Pt D plan since mine is going through the roof.

      If your leery, just go to Medicare’s site.

      Don't take yourself so seriously, no one else does 🙂
      4 Win 10 Pro currently 1809 (3 Desktops, 1 Laptop).

      1 user thanked author for this post.
      • #1991061 Reply

        wavy
        AskWoody Plus

        OK ofoff topic but how much> GF has this.

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
        • #1991069 Reply

          CADesertRat
          AskWoody Plus

          OK ofoff topic but how much> GF has this.

          How much what, Wavy??? Not sure I understand your question.

          Don't take yourself so seriously, no one else does 🙂
          4 Win 10 Pro currently 1809 (3 Desktops, 1 Laptop).

    • #1995853 Reply

      Kirsty
      Da Boss

      @oscarcp I suggest you look back to your earlier topic on whether emails are spoofed or genuine:
      https://www.askwoody.com/forums/topic/an-intriguing-perhaps-faked-and-dangerous-email-from-apple/

      It really would make emails a fraction more secure if senders such as government agencies/departments, businesses and NGO’s took the bother to provide digitally signed emails in the first place. Then you would be the assurance that a) the email address that sent the email wasn’t spoofed, and b) that the contents hadn’t been altered mid-stream (as occurs in some invoice payment scams). It puts me right off receiving emails from such organisations that don’t take the receiver’s security seriously!

      • #1995864 Reply

        OscarCP
        AskWoody Plus

        Kirsty,

        Thanks, good thinking. I forgot about that early incident, back in March, and that thread I started about it, although in that case the email was obviously a fake most likely sent with malicious intent. Some good ideas there, too.

        Fortunately for me, so far there are just a few organizations that, like Medicare, send me regular emails and newsletters, so, if in doubt, I can always check by logging into my accounts with them. Those of unusual origin, I can check with some of these online verification sites, or trash them right away, depending on what they look like in the preview panel. I hope the advice given here and in that other thread can be useful not just to me, but to others as well, as many of us are recipients, now and then, of dubious emails: emails that, somehow, don’t seem right.

        Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

        1 user thanked author for this post.
    • #1995973 Reply

      irelam
      AskWoody Lounger

      Take a look at Surbl, it has an in-house app, or you can put together a small web app that will act as a client of Surbl.

      Martin

      • #1996311 Reply

        Kirsty
        Da Boss

        I suspect many would consider SURBL to be outside the day-to-day realm of most “average” users:

        How
        Using SURBLs requires a mail filter that can extract web sites from message bodies and check them against the lists. Many applications support SURBLs, including SpamAssassin and filters for most major MTAs including sendmail, postfix, qmail, exim, Exchange, qpsmtpd and others.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Which security sites are good for checking suspect URLs before clicking on them?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.