5 Questions To Ask Before You Click A Link

Our cyber security best practice recommendation is that you don't click links online. But if you need to, ask yourself these 5 questions first.

 Email Cyber Security - Gray Analytics

You rarely interact with anything online -- emails, tweets, web pages -- without coming across a hyperlink to somewhere else. Whether it's a password reset request in your email or an article that a colleague wants you to read online, links are everywhere. And in today's world of cybercriminals, hyperlinks can be an easy way for bad actors to gain access to your computer system or your information.

Because of this, our recommendation is that you not click links online. But we know that this is not always possible or desirable. So we're sharing five questions that you should ask yourself before you click on a link online.

1 Do I know the sender/writer?

Before clicking on a link in an email, make sure that the email came from someone that you know. Is the email address one that you're familiar with? Is it from a trusted domain? Have you received emails from this sender in the past that were legitimate? The same goes for a link online. Do you know the source? Do you have previous experience with them sharing legitimate links? If you're unsure of the sender or writer, verify with a phone call or a separate email to make sure the link is legitimate before clicking.

2 Do I know where this link is taking me?

In our Gray Analytics newsletter emails, we usually show you the full address of where the hyperlink will take you. Many emails don't include this. If you hover your mouse over a link in an email or online the web address becomes visible. This allows you to verify that the link is taking you where you want to go.

Bonus Question: Is the link shortened? Particularly on social media, many platforms automatically shorten long links. Most of these shortened links are harmless but cybercriminals can and do use these shortened links to hide nefarious links. If you see a shortened link and don't fully trust the source, you can use a website like CheckShortURL to restore the shortened link to its original form for verification. 
Email Security - Gray Analytics

3 Did I expect this?

If you receive an email asking you to click a link to perform an action or download something and you weren't expecting it then don't click on the link. You should only click on links if you requested them (for instance, you forgot your password and requested a new one) or if they're part of a campaign or regular correspondence with someone you trust.

4 Is it necessary?

Every link that you click on in an email without first checking the previous three questions increases your odds that you'll one day accidentally click on a malicious link. While many companies (including us) send out a lot of helpful information that is available for you to access with a click, it's not always necessary for you to click on every link that you see. Before you click, evaluate if what you're gaining from the click (knowledge, action, etc.) outweighs the risks. 

5 Is there another way to get there?

If you know the full link address you can type the address into your browser to guarantee that you're going to visit the exact page that you want to visit. Or if you receive an email asking you to do something related to an account, open a new webpage and visit the account instead of clicking the link. For example, if email verification is actually required for your account, when you manually go to your account there will be a notice that you need to verify your email address and you can update your information directly rather than by clicking a link in an email. 

If you have any questions or comments, send us an email or connect on social media and we'll get back with you as soon as we can. And don't forget to enter to win a free phishing simulation from Gray Analytics!
Share This Post