I have something to admit. I run marketing for a cybersecurity company and send emails with links to people whose job is to tell people not to click on links in emails. It’s a weird thing to do, right?!
Of course, I know that the emails we send don’t contain malicious links. But, for the receiver, how can they know?
All companies at this point have programs that scan links, put messages in junk or quarantine, or somehow indicate wicked intent. But those programs are not perfect. If they were, we’d never have to warn people not to click the link and all of my Nigerian Princes would disappear from my inbox.
Let me be clear: I run marketing and I don’t trust the links marketers send me.
If I want to read something sent to me in email, I right click the link, copy the URL and paste it into VirusTotal or Sucurci.
Wait! It’s ironic that I just pasted a link into this article. So, you should go search for “VirusTotal” or “Sucurci” and then check out these links: https://www.virustotal.com/gui/home/url and https://sitecheck.sucuri.net/
An “okay” from those sites is not a total seal-of-approval, though. The sites just looks for malicious code. An evil-doer’s website could still ask me for my username and password or try to get other information from me in some scammy way.
