Clicking or tapping a link in an email, text or on a website is always a bit of a gamble. On the other end could be the information you want to see, or it could be a malicious website, virus-filled download or inappropriate content. Sometimes the only way to know for sure is to click. But there are some important questions you can ask before you do that will give you a good idea if the link is safe.
1. Where did the link come from?
Perhaps the most important question you can ask is how you got the link in the first place. Was it in an unsolicited email or text message? Did you get it in a Google search? Was it in a friend's Facebook post?
As a rule, if a link is unsolicited, you don't want to click on it. Hackers send out malicious links in emails and texts daily, and they're especially good at putting links in emails that look like they're from legitimate companies. If the links are from people you know, check with them first to make sure they really sent it, and that their accounts weren’t hacked.
Links you find for yourself are going to be safer, but you still need to be cautious. For example, hackers use a tactic called "search engine poisoning" to get malicious links to the top of a Google search for popular words and topics (more on that later). Learn how to get your legitimate links to the top of a Google search.
The same goes for Facebook. In general, the links your friends post will be OK, but one of them might have been tricked into sharing a malicious link. Or he may have installed an app that does it for him. Maybe he got tricked by a like-farming scam.
2. Why am I clicking the link?
OK, this question sounds philosophical, but I'm not actually asking "why" you do things in the metaphysical sense. I'm asking why you want to click on that particular link.
Is it out of fear that something bad will happen if you don't? Are you responding to greed or anger? Is it out of lust? These are just a few of the triggers that hackers use to trick you into clicking.
For example, an email might say your bank account has been hacked and you need to click right away and enter your information so the bank can get your money back. Maybe you see a post on Facebook saying you can win the lottery or get a brand new expensive tech gadget for free.
Perhaps it's a political post that asks you to sign a petition against something that makes you angry. And don't forget the ever-popular promise of racy images or video on the other side of a link.
If you find yourself on the verge of reacting out of emotion, take a second to think about why you're doing what you're doing. You might realize that you're being manipulated. And I'm about to tell you how you can know for sure.
3. Does the link look right?
Web links follow certain rules. That means you can often tell at a glance if one is on the up-and-up. The biggest tip-off is the domain name. For example, the domain name of my site is "komando.com."
It might have a prefix, such as "www.komando.com," "news.komando.com" or "station-finder.komando.com." Or it might have a suffix, such as "komando.com/tips" or "komando.com/happening-now." But no matter what, "komando.com" is going to be the centerpiece of any link on our site.
So, if you got an email claiming to be from Komando but the link was "www.somethingelse.com/this-is-fake" or even "komando.somethingelse.com/also-fake" or "somethingelse.com/komando," you know something is up.
Sometimes this can get a little tricky. For example, Google's shortening service is "goog.le" – but on the whole it's a good thing to check.
There are a few more tricks hackers like to pull. Earlier, I mentioned search engine poisoning, where hackers get malicious links to the top of a search results page. If you're doing a Google search, look just below the page title in the search results to see its link. If you're looking for a page on a company's site, and the link goes to another site, then proceed with caution.
Another trick is that the text of a link and the link itself don't have to be the same. In an email or in a browser, you can hover your mouse cursor over a link and then look down in the lower part of the screen to see what the link really is. You can also right-click on the link, choose "Copy link" or "Copy link address" and paste the link into a word processor to see what it really is.
Sometimes you'll run into shortened links, especially on Facebook and Twitter. These are often legitimate links, but they will just show bit.ly/123456, goog.le/123456 or t.com/123456. In general, as long as the person posting them is legitimate, you're OK. But if it's a random account you stumbled on that doesn't have a lot of followers or is posting nonsensical information, be more cautious. Of course, sometimes it helps to get a second opinion.
4. Is there a second opinion?
Sometimes when you're in a rush, you don't always check links as thoroughly as you should. Or maybe you suspect a link in a Google search or on a website is bad, but you aren't sure.
Most security companies have software that watches links and lets you know if they don't go where you think, or if other people have reported them as being problems. Check your security software to see if it has a URL reputation system you can enable in your browser; most do.
5. What's on the other side?
If you're even a little suspicious of a link, you shouldn't click on it. Better safe than sorry. If it's information you really need, you can usually visit a company's site directly to find it, or look it up in a Google search.
But sometimes you'll click on a link and wind up in a place that sets off alarm bells. Maybe the site isn't the company site you were expecting; it might look like it was thrown together; or it could pester you to enter information you know you shouldn't give out.
Remember, it's always OK to walk away. Close the browser tab and go find the information somewhere else.
Of course, some sites will attack your computer as soon as the page loads. You might not have a chance to leave before the damage is done. Learn how to make your browser hacker-proof to keep that from happening.
On the Kim Komando Show, the nation's largest weekend radio talk show, Kim takes calls and dispenses advice on today's digital lifestyle, from smartphones and tablets to online privacy and data hacks. For her daily tips, free newsletters and more, visit her website at Komando.com. Kim also posts breaking tech news 24/7 at News.Komando.com