Don't Be Duped by Malicious Short Links—Here's How You Verify the Destination URL Before Clicking
Link shorteners like TinyURL and Bitly are great for Twitter (or anytime you're limited on space), but they're also great for hackers. It's easy to hide a malicious link in an innocent-looking shortened URL, which increases the chances that people will click on it.
Once you click on it, a link can take you to the "hilarious new video" that you just had to see, or you could end up on a site that someone set up to get you to download or install malware onto your computer. There are, however, a few ways to spot malicious links before you click.
Your first defense is your browser's own status bar. When you hover over a link with your cursor, the status bar will tell you the target of the link. If your browser doesn't have a status bar, there are add-ons that you can download to get one.
Obviously, there are ways for scammers to get around this, but if your status bar tells you the link goes somewhere other than where you think it should, you probably shouldn't click it without further investigating. Which brings us to our next point.
There are sites that let you check a link's target by "unshortening" it, like CheckShortURL or unshort.me. All you have to do is paste the shortened link into the bar and click unshorten, and the site will show you the full link so you know where it actually goes.
Most browsers also have add-ons or extensions that you can install to do this for you without having to visit a separate site, like unshorten.it for Firefox and Chrome, and preview add-ons like Swift Preview for Chrome.
It also helps to always make sure your anti-virus software is up to date so that you have a better chance of being warned if you do click on something you shouldn't have.
And lastly, one of the best ways to detect malicious links is to use your intuition. If it sounds like a scam, or it's too good to be true, it usually is. Common sense says that we can't all be a site's "one millionth visitor," and most of us don't have any friends in Nigeria, so if a link seems suspicious, it's probably best left unclicked.
Have you ever been duped by a fake link? Tell us your story in the comments.