Blogs

What is a malicious URL and how do we protect against them?

Published on November 10, 2021
Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp

Malicious URLs are a tactic used to promote scams or fraudulent activity. They are persuasive in nature, intending to gain sensitive and personal information.

Did you know 1 out of 50 URLs in email attachments were found to be malicious in 2020?

The digital landscape has evolved since the pandemic began and, despite increased security measures, is more dangerous for users than ever. Organisations are under constant attack from well-funded professional entities that continually seek to penetrate security boundaries.

What do malicious URLs look like?

Improvements in technology and AI, paired with increased user reliance on multiple devices, has led to cyber criminals becoming more sophisticated in their approach. Harmful attacks often come in phishing emails, malware-infected web pages, or even spam messages, which cyber criminals deliver via email links, text messages and page advertisements. These URLs most likely have embedded ‘downloadables’ including spy-ware, key-loggers, viruses, etc.

Malicious websites are well-recognised threats in information security, acting as an effective tool for propagating viruses, worms and other types of malicious code online.

Malicious domain owners will sometimes opt for multiple cheap domain names (such as xqerty.com) which is one method of identifying the difference between a safe and malicious URL.

As more people worked away from the office and electronic communications increased in 2020, we saw a dramatic increase in the number of phishing attacks. In fact, reports of phishing in Australia went up by 75% in 2020. As hybrid working becomes the new norm, it remains a priority for security teams and cyber advocates to detect and protect against the spread of malicious links via email.

What steps do we take to protect against a malicious URL?

Here are five strategies to protect against malicious URLs:

  1. View certificate details
    Just because the connection is secure does not mean you know who is on the other end of that connection. Most browsers (like Edge, Chrome and Safari) allow users to view the certificate by clicking the padlock icon.

  2. Use online resources to detect malicious URLs
    VirusTotal is a website that analyses suspicious URLs. This site uses numerous antimalware engines and will report URLs associated with malware or other malicious activity. Also, make sure you have Safe Browsing checks turned on in your settings.

  3. Check the domain
    If you are eager to know who is running a website or want to check whether it is safe, you can leverage a few tools. Sites such as MX Toolbox and https://Who.is can tell you the email address registered with the website and the registration date. Sites like these can evaluate the website itself and cross-check for any red flags. Malicious domains are likely to have been registered very recently – always treat new domains with suspicion.

  4. Regularly update your systems
    A common tactic leveraged by cyber criminals involves scanning devices for vulnerable applications. Regularly updating your operating systems, applications and plugins will provide better protection against malware.

  5. Educate yourself, your employees and your customers
    Employees must know how cyber criminals use malicious URLs against organisations and take steps if they suspect suspicious behaviour online. There are many ways organisations can ensure staff understand these risks, including mandatory training sessions, email alerts of new threats and regular newsletters highlighting recent scams and security concerns.

TAS protects your team against malicious URLs

With the rise of cyberattacks and malicious code, security teams have now prioritised detecting and protecting against them. Businesses today are vulnerable to malware, ransomware and other types of cyberattacks daily. We offer cybersecurity solutions tailored to your business needs to protect your networks from these attacks.

TAS specialise in comprehensive security and cloud solutions that protect both your business and your customers. Our team focuses on cybersecurity management, including analysts who determine the focus of a cyberattack and take steps to address those attacks.

Visit our cybersecurity page for more on how we can protect your business.

Author

Connor Wilkinson

Information Security Analyst

Related posts

Enter your details to subscribe

Get TAS exclusive monthly thought leadership, insights, latest trends, and customer spotlights directly in your inbox.

Subscriber form
Acceptance

Please enter your details to download

Web download
Acceptance

Enjoy your read?

Subscribe and get TAS exclusive monthly thought leadership, insights, latest trends, and customer spotlights directly in your inbox.

Subscriber form
Acceptance