Can you catch a virus by clicking a link?

In an era of cybercrime and data breaches, fraudsters will try everything to trick you into giving away your data so that they can profit from it. Everyone knows that we must be vigilant, but it can be so easy to mistake a fraudulent email with a legitimate one. Called phishing, this attack sees a hacker send you an email with a link to a fake website or a virus. But if you click the link – will you automatically catch the virus, or would you still have time to recover?

The answer is that it is dependent on the type of link the hacker has sent you. If the link you click on contains malicious code, then it is entirely possible that you could enable a virus. While most PCs and tablets will contain the latest anti-virus and browsing software, if you are running outdated applications, then you are putting yourself at risk. You must always update your software to run the latest version as this eliminates any bugs which could expose your devices to being hacked. The easiest way to protect yourself against this is to regularly run updates on all your applications and to make sure that you have the latest anti-virus software installed.

However, if the link does not contain malicious code, then often you will be redirected to a webpage where you are encouraged to give away your personal data or to download attachments. If this is the case, then you will usually have the chance to exit the browser or turn off your device. By doing this, you can minimize the risk of falling victim to the hacker.

In addition to these tips, you should always remember:

  • If it looks wrong, it probably is wrong. Phishing often looks, well, fishy. If you find typos in an email supposedly from your bank, then this should be a red flag. The same goes for all-capitals in the email’s subject and a few too many exclamation marks.
  • Check the email address carefully. If you regularly receive emails from a company, these emails will usually come from the same address. If you begin receiving emails from a different address, especially one that looks strange, this could be an attempted hack.
  • Watch for impersonal introductions. Your bank, Paypal or eCommerce site will know your name so if you begin receiving emails from companies which address you as “Dear Customer” or a similar variation, it’s a clear warning sign.
  • Beware of threats and urgent deadlines. Sometimes a reputable company does need you to do something urgently, but usually, threats and urgency are a sign of phishing: if you’re being asked to do something to prevent your account being shut down, or within a tight deadline, its cause for caution.
  • Be cautious about phone numbers and web links. If you receive an email asking you to provide your personal details or to call a random number, you should find official correspondence and use the contact details on there instead. And if you’re asked to click on a link that looks legitimate, hover your mouse over it to see if you’re actually being sent to a different site – don’t click on it if so.
  • Don’t think phishing is just about email. While phishing does often take place through email, lots of the attacks are carried out through fake websites, instant messaging software and other channels. You should always be alert when seemingly-trustworthy companies or contacts are trying to get you to divulge any data that could compromise your online security.

If you remember these tips, you should be able to avoid the panic of clicking on a malicious link.