Targeted Threat Protection: Verifying a URL

Document created by user.oxriBaJeN4 Employee on Feb 19, 2018Last modified by user.oxriBaJeN4 Employee on Oct 19, 2018
Version 11Show Document
  • View in full screen mode

This guide describes how administrators can verify a URL that has been rewritten by Targeted Threat Protection - URL Protect. This is important, as the original URL can tell you a lot about where you are about to go.

You can also check URLs via the Decoding URLs tool in the Administration Console. Alternatively, URLs that haven't been rewritten by URL Protect can be verified by other methods, such as using a search engine (Google etc.) to check if the link is associated with known phishing or malware attacks, or by using a service like Virus Total.

Applies to...

 

This guide applies to the following staff trying to ascertain whether a link is safe:

  • Administrators
  • Mimecast Support Staff 

 

Walkthrough

 

Verifying URLsTo verify a URL:

  1. Right click the URL.
  2. Click Copy Hyperlink.
  3. Paste the URL into your browser, but add a + to the end. For example, if the following protected link is issued: 

    https://protect-eu.mimecast.com/s/F6rYCAW0hl6wn3CQg3QZ
    Add a plus  sign at the end:

    https://protect-eu.mimecast.com/s/F6rYCAW0hl6wn3CQg3QZ+

  4. Press Enter.
  5. Review the Original URL to ensure it is safe to go there. This URL isn't clickable to prevent access to the URL before our security checks have been performed. Do not to copy and paste the exposed link for the same reason.

If you have the "Display URL Destination Domain" option selected in your URL Protect definition, the protected URL displays the destination domain at the end. For example, https://protect-eu.mimecast.com/s/F6rYCAW0hl6wn3CQg3QZ?domain=exampledomain.com.

See Also...

 

2 people found this helpful

Attachments

    Outcomes