How to check if the links/URLs are malicious/phishing or not?
Malicious URL: http://rxqsd.com/9n4fbg (URL Sample (link is dead), can use your own)
Tools: URL Scan io, BrightCloud, Browserling We need to answer all the questions below:
- Check the URL behaviour using https://urlscan.io/ Result:
- Check domain reputation using https://www.brightcloud.com/tools/url-ip-lookup.php Result:
- Interact with URL using virtual sandboxed browser from https://www.browserling.com/ Result:
First, we need to check the URL behaviour using URLScan (https://urlscan.io/). Open the website.
- Then put the URL address that you want to check and click “Public Scan”.
- After you click the “Public Scan” it’s take some time to complete the scanning.
- We got the result. As we can see it stated this URL is “Malicious Activity!”. The URLScan io verdic this as potentially malicious.
- We also can see this URL targeting which brand. In this case, they are targeting Swiss Post (National postal service of Switzerland).
- Next, we check the domain reputation using BrightCloud
- Then put the URL address that you want to check and click “LOOK UP”.
- Now, we got the result. As we can see it stated that web reputation is suspicious (40 of 100).
- Now, we have an answer for Questions 2.
- Finally, we interact with URL using Browserling