You’re right to be suspicious about those seals that say a site has been tested and is secure. There’s absolutely nothing that prevents a malicious site from simply putting that little graphic on their page.
That said, what you’re looking for isn’t available. There’s no 100% certain way to test a site before you visit it to determine if it is malicious or contains malware that will infect your machine. That’s one of the reasons why I recommend sticking with trusted sites and making sure that your anti-malware tools are in place and up-to-date.
So, let me throw out some ideas that, while not guaranteed, can at least help protect you even if you’re visiting a potentially questionable site.
Become a Patron of Ask Leo! and go ad-free!
Use Linux
One suggestion would be to visit the site using a different operating system. If you have access to a Linux machine, try visiting the page using that. If you don’t have a spare machine, fire up Linux in a virtual machine or boot Linux from a live CD.
Most malware is targeted at Windows and Windows-based browsers, so if something happens to your Linux box, you won’t actually get infected. You’ll just presumably see malicious behavior.
Switch browsers
You could also run a non-standard browser as occasionally malware will target browsers like Internet Explorer, Chrome, or Firefox. It actually makes sense to use one of the second or third-tier browsers to see if you have any problems when you visit those sites.
But even with a different browser and operating system, there is no guarantee. Malware may try to infect you, but fail silently, so there’s no indication. Well-crafted malware may even detect the browser and Linux operating system and simply not infect you without any indication that it would have tried.
There’s no way to tell unless you…
Sacrifice Windows
In this scenario, you run Windows in a virtual machine and visit the site. That way you can simply erase the virtual machine when you’re done. Your main computer is not affected because everything – malicious or otherwise – was contained within that virtual machine.
a
- affiliate
- affiliate program
- algorithm
- Animated GIF
- anonymizer
- anti-malware
- aspect ratio
b
- back up
- backup
- bandwidth
- bare metal
- BCC
- Blind Carbon Copy
- binary
- BIOS
- Basic Input/Output System
- bit
- bit-ness
- blog
- web log
- bot
- botnet
- bounce
- breach
- brick
- broadband
- brute force attack
- BSOD
- Blue Screen of Death
- buffer
- bug
- bus
- byte
c
- Completely Automated Public Turing test to tell Computers and Humans Apart
- CAPTCHA
- CDN
- Content Delivery Network
- certificate
- click bait
- clipboard
- clone
- cloud
- codec
- CSV
- Comma Separated Values
- compression
- context menu
- cookie
- core
- CPU
- Central Processing Unit
- CPU bit-ness
- craplet
- crapplet
- crapware
- CRC
- Cyclic Redundancy Check
- XSS
- cross-site scripting
- Cruft
d
- dark web
- dashboard
- DDOS
- Distributed Denial Of Service attack
- deep web
- defrag
- defragment
- device driver
- DHCP
- Dynamic Host Configuration Protocol
- dialog box
- differential backup
- digital signature
- disc
- DLL
- Dynamic Link Library
- Domain Name System
- DNS
- dongle
- download
- Dots Per Inch
- DPI
- driver
- DRM
- Digital Rights Management
- Digital Subscriber Line
e
- echo chamber
- ellipsis
- encryption
- encryption – asymmetric
- encryption key
- encryption – public key
- epub
- electronic publication
- ESP
- Email Service Provider
- ethernet
- executable
f
- Fallacy of Composition
- file system
- Fiber Optic Service
- FiOS
- firewall
- Focus
- foistware
- form factor
- FTP
- File Transfer Protocol
- FUD
- Fear Uncertainty Doubt
- full backup
g
- GIF
- Graphics Interchange Format
- Graphical User Interface
- GUI
- guid
- Globally Unique IDentifier
h
- hack
- hacker
- ham
- hamburger
- hamburger menu
- hash
- HDD
- Hard Disk Drive
- HDMI
- High-Definition Multimedia Interface
- home page
- honeypot
- HTML
- HyperText Mark-up Language
- http
- HyperText Transfer Protocol
- https
- HyperText Transfer Protocol – Secure
- hub
i
- idle
- image backup
- Internet Message Access Procotol
- IMAP
- incremental backup
- IOT
- Internet Of Things
- Input/Output
- I/O
- Internet Protocol Address
- IP address
- ISO image
- ISO
- Internet Service Provider
- ISP
j
- Java
- javascript
k
- keylogger
- kilobyte
l
- LAN
- Local Area Network
- latency
- Linux
m
- mainboard
- malware
- malicious software
- man in the middle
- map
- Master Boot Record
- MBR
- megabyte
- memory
- mobo
- motherboard
- modem
- Modulator Demodulator
- motherboard
- Mount
- MTBF
- multi-factor authentication
n
- NAS
- Network Attached Storage
- Network Address Translation
- NAT
- nonbreaking space
- nbsp
- net etiquette
- Netiquette
- netizen
- network
- network adapter
- Network Interface Controller
- NIC
- notification area
- nybble
o
- OCR
- TLD
- op-level domain
- open wifi
p
- packet
- partition
- passphrase
- patch
- Portable Document Format
- Problem Exists Between Chair And Keyboard
- PEBCAK
- Phishing
- pixel
- POP
- Point Of Presence
- pop-up menu
- POP3
- Post Office Protocol version 3
- populate
- port
- Port 25
- POTS
- Plain Old Telephone System
- protocol
- proxy
- pst
- Potentially Unwanted Program
- PUP
- pwn
q
- Quick Response
- QR Code
r
- RAID
- redundant array of independent disks
- rainbow table
- RAM
- Random Access Memory
- ransomware
- RDP
- reboot
- recovery drive
- registrar
- registry
- root
- rootkit
- router
s
- sandbox
- SATA
- Serial ATA
- scareware
- screen shot
- script
- sector
- Secure Boot
- SED
- Self-Encrypting Drive
- SFTP
- Secure File Transfer Protocol
- Share
- shell
- shovelware
- Short Message Service
- SMS
- SMTP
- Simple Mail Transfer Protocol
- sniffing
- SSD
- Solid State Disks
- spam
- spoof
- spyware
- SSD
- Solid State Disk
- Secure SHell
- SSH
- Service Set IDentifier
- SSID
- SSL
- Secure Sockets Layer
- streaming
- switch
- system tray
t
- telemetry
- Tethering
- TOR
- The Onion Router
- third party ad
- Time-based One Time Password
- TOTP
- TLA
- Three-Letter Acronym
- top-level domain
- TLD
- Too long; didn.t read
- TL;DR
- TLS
- Transport Layer Security
- tooltip
- tray
- trojan
- TPM
- Trusted Platform Module
- Two-factor authentication
u
- UAC
- User Account Control
- UEFI
- Unified Extensible Firmware Interface
- UI
- URL
- Uniform Resource Locator
- USB
v
- VGA
- virtual desktop
- virtual machine
- Virtual Memory
- virus
- VLC
- vlog
- video blog
- vlogger
- VNC
- Voice Over Internet Protocol
- VOIP
- volume (disk)
- Virtual Private Network
- VPN
- VPS
- Volume Snapshot Service
- VSS
- vulnerability
w
- WAN
- Wide Area Network
- weblog
- Wi-Fi
- wifi
- wireless network
- wireless network adapter
- What You See Is What You Get
- WYSIWYG
x
- XSS
y
- Your Mileage May Vary
- YMMV
z
- zero-day
- zombie
(“sandbox IE”). This tool limits the malware’s ability to act outside of Internet Explorer and it deletes everything that may have been changed on your system when you exit the browser.
Avoid the site
Ultimately, if you’re really concerned about a site, I’d simply avoid it.
The unfortunate truth is that you can take a lot of steps to protect yourself, gain a good level of confidence, and still be wrong.
Backup your stuff
As always, the one level of protection that you absolutely can put in place that will protect you no matter what is a backup.
Take a system image backup of your machine on a regular basis. That way, if you do go to a malicious website and you later find out that you’ve been infected, you can simply restore that machine to the most recent backup. For example, because I backup every night, I can simply restore to the previous night’s backup if I’m ever infected. And I then also know never to go back to that website again.
So, those are your options. This is a difficult problem to solve, but hopefully, some of these ideas will help you raise either your confidence or suspicions in whichever site that you’re investigating.
This is far from a sure fire solution, but installing the WOT plugin for your browser will warn you of many sites containing malware and prevent them from loading when you click on them unless you choose to override their block.
Web Of Trust – Website Trust Ratings from Other Internet Users
Mark,
Don’t those site ratings services tend to have a bunch of false positives (warnings)?
Absolutely, that’s why I said it’s not perfect. Still it’s useful. When in doubt, don’t. I find a lot of false positives with political and religious sites which are often attacked by people with opposing views.
Right. But if you’re getting warnings for sites that you’ve used for years without a problem (which I have experienced), you tend not to take the service as seriously. And that’s a similar risk to not using it at all.
An approach might be to use Sandboxie when a site is being reported as suspicious.
I simultaneously use WOT, Norton Site Safety, and McAfee SiteAdvisor to evaluate the riskiness of search results. It is not that rare for one of the software to show a red warning icon for a search result, while the other two software give it a green a-okay symbol. So who do you believe?
A user can go to zulu.zscaler.com to use their free URL risk analyzer tool. Just submit the URL you want to check out, and the tool will analyze various aspects of that web page, such as external links, content, full URL, and host reputation. For example, askleo.com generated a score of 38 out of 100 (the lower the score, the safer the page presumably), with the tool classifying the overall page risk as “Benign”. The askleo.com rating showed only one negative: the tool indicates the website has an “IP address (that) has been identified as risky by one/more sources”. I’m sure askleo.com is safe — right, Leo? ;-)
That’s one of the problems with websites like that – it’s possible that when I set up the askleo.com server I inherrited an IP address that perhaps had been previously used by a “risky” website. In a sense I may have “inherited” that reputation. One of the problems with those services is that it’s nearly impossible to get off their list of possibly risky sites.
I like the OffByOne browser for checking websites I’m not sure of.
Their overview page lists two limitations (other than the HTML 3.2 support)
-No JavaScript support (so no pop-up ad windows).
-No applet, plug-in or Flash support.
This cuts out most the ways for bad things to happen.
Thank You Yeppers for mentioning zscaler as another tool for Paranoid folks like me to use before visiting web sites.
I C&P the zscaler URL from Your comments above into Firefox without checking it first with Dr. Web Link Checker, because I know Leo wouldn’t allow sites mentioned in His Comments section to go to a Harmful web page.
Thank You for the comment and Thank You Leo for having a Safe Place to learn this here complicated stuff. . .
To be clear, I cannot vet every link that is placed in a comment. Even if I could there’s a window of time between the posting of the comment and my or my assistant’s getting around to it. Bottom line: don’t assume links in comments here aren’t risky – ultimately they could be.
Hey!, Thanks Kevin for telling about the OffByOne browser.
I’ll try it when I get a ROUNDTUIT. . .
Go to the library and test the site there.
Or if your friend’s house is closer than the library, test the site there.
i use the VirusTotal website to check files and websites for maliciousness > https://www.virustotal.com/en/#url
Thanks. Your comment says sandboxie can be used in IE, but no mention of FF. Their site does not mention is either. Does sandboxie work with FF and Chrome?
It’s name notwithstanding, sandboxie can be used to sandbox any application.
I also use http://www.urlvoid.com/ But, as Leo says, the best bet is to not go to that site.