9

Sometimes I get very suspicious messages or I see a random link somewhere. I obviously don't click on them, but I'm still curious what's on the site. So that makes me wonder what's the safest way to view the website whilst making sure that even if it contains a virus my computer won't get infected? I personally don't trust antivirus software that much if there is a high chance of the website being infected.

Maybe disabling JavaScript before clicking on the link? Would that do the trick? But that would most likely mess with the webpage itself.

Basically my question is: How can I safely open a link that I know is malicious?

5
  • "So that makes me wonder what's the safest way to view the website whilst making sure that even if it contains a virus my computer won't get infected?" - The only safe way to open a malicious suspicious link is never to open it. Why must you open the link to determine if it's legitimate? In every single browser, you can hover over a link BEFORE clicking on it.
    – Ramhound
    Commented Mar 29, 2022 at 12:09
  • 1
    Do it on a PC you don't care if it gets infected.
    – Moab
    Commented Mar 29, 2022 at 17:40
  • The question may not have been clear enough; let me rephrase it. How can I safely open a link that I know is malicious? Commented Mar 30, 2022 at 17:33
  • There are sites that create VMs that can open questionable links in a controlled and automated way. I'm unable to recall the name of the sites at the moment, but I observed a security coworker using one a couple weeks ago. They fed the link into the site and it followed the links and inspected the results and then gave a report on any malware found. Commented Apr 6, 2023 at 3:50
  • Use a sandbox or virtual machine.
    – Aindriú
    Commented Apr 6, 2023 at 8:41

5 Answers

8

If you don't want to interact with the suspicious webpage and instead just quickly want to see what it is, the easiest and safest way to open the link is probably by using an online screen capturing service for websites (e.g., https://www.screenshotmachine.com or https://screenshot.guru).

This not only requires zero setup on your part, it's also as close to 100% safe as you can get in this context. Note, however, that this only applies to viewing the screenshot of the webpage -- a very sophisticated attacker could serve different content to the screenshotting service than to you, if you were to click on the link on your own device after viewing the screenshot of the website.

4

Running a browser in a VM is a good added layer of security. However, there have been security holes in VMs that let code escape to the host. (Although those are relatively rare and probably difficult to exploit quickly from a malicious link.)

If the link is beyond suspicious, into paranoid, you could boot a (Linux) live disk from CD-ROM or other read-only media on a system with no hard disk and visit the link.

3

Not really open the page but just to see what's in it or see if it is forwarding your request:

  • Open your terminal (e.g. in Windows: "WINDOWS+R", type cmd)
  • Use the curl command in the terminal:

    curl -v gooogle.com

    Host: gooogle.com
    User-Agent: curl/7.83.1
    Accept: */*

    <HTML><HEAD><meta http-equiv="content-type" content="text/html;  charset=utf-8">
    <TITLE>301 Moved</TITLE></HEAD><BODY>
    <H1>301 Moved</H1>
    The document has moved
    <A HREF="https://www.google.com/">here</A>.
    </BODY></HTML>
2
  • Welcome to SU. This might be a good answer, but it's not at all clear to someone not familiar with curl. Direct copy-paste into bash shell only produces errors. You should edit the question to clarify how exactly this is supposed to be used. Commented Apr 5, 2023 at 14:24
  • thanks, updated now
    – timguy
    Commented Apr 6, 2023 at 8:31
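
The curl answer above, taken one step further as an added example (not part of the original answer): a Python helper that reads the header dump produced by `curl -sIL <url>` and lists every redirect hop without rendering anything. The function name `redirect_chain`, the flag wording and the `.example` hostnames in the sample are assumptions made for this illustration; the sample output is constructed.

```python
import re
from urllib.parse import urljoin, urlsplit

# Constructed sample of `curl -sIL http://short.example/abc` output;
# the hostnames are placeholders, not real indicators.
SAMPLE = (
    "HTTP/1.1 301 Moved Permanently\r\n"
    "Location: https://tracker.example/r?id=1\r\n"
    "\r\n"
    "HTTP/2 302 \r\n"
    "location: /landing\r\n"
    "\r\n"
    "HTTP/2 200 \r\n"
    "content-type: application/octet-stream\r\n"
    "content-disposition: attachment; filename=\"invoice.iso\"\r\n"
    "\r\n"
)
STATUS = re.compile(r"^HTTP/\d(?:\.\d)?\s+(\d{3})")

def redirect_chain(raw, start_url):
    """Return one dict per response: url, status, next URL and warning flags."""
    hops, url = [], start_url
    for block in re.split(r"\r?\n\r?\n", raw.strip()):
        lines = block.splitlines()
        m = STATUS.match(lines[0]) if lines else None
        if not m:
            continue  # skip anything that is not a response header block
        headers = {}
        for line in lines[1:]:
            name, sep, value = line.partition(":")
            if sep:
                headers[name.strip().lower()] = value.strip()
        status = int(m.group(1))
        nxt, flags = None, []
        if 300 <= status < 400 and "location" in headers:
            nxt = urljoin(url, headers["location"])  # resolve relative targets
            if urlsplit(nxt).hostname != urlsplit(url).hostname:
                flags.append("cross-host redirect")
            if urlsplit(url).scheme == "https" and urlsplit(nxt).scheme == "http":
                flags.append("https downgrade")
        if "attachment" in headers.get("content-disposition", "").lower():
            flags.append("forces download")
        hops.append({"url": url, "status": status, "next": nxt, "flags": flags})
        url = nxt or url  # the next block describes the redirect target
    return hops

if __name__ == "__main__":
    for hop in redirect_chain(SAMPLE, "http://short.example/abc"):
        print(hop["status"], hop["url"], "->", hop["next"], hop["flags"])
```

`curl -I` sends HEAD requests, so a server may answer differently than it would to a browser's GET; the chain is a first look, not a verdict.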
2

Adding safety mechanisms is good and should not be limited to suspicious links. The most successful attacks used links which didn't look suspicious at all.

I count NoScript as one of the best protections, thus blocking the execution of JavaScript for all websites that I don't know. JavaScript is the most dangerous attack vector through your browser.

Apart from this, there is only one way to totally isolate your computer, and that's using a virtual machine for following the suspicious link.

2
  • Even then there are VM escape bugs
    – til_b
    Commented Sep 29, 2022 at 9:21
  • @til_b: Not for the last several years.
    – harrymc
    Commented Sep 29, 2022 at 9:23
0

Just use an old crappy phone from a thrift shop, never your own unless you run a massive over-writing program that fills it with complete junk. Remember even a factory reset can be recovered. Layer over layer over layer. I do this kind of over-writing before I sell/donate any device.
