How do I enforce email URL scanning across users with certain permissions?

Security & Compliance

Security & Compliance


When clicking on a web link in an email, people don’t really know where the link will take them to. Malware distributors use disguised links to fool people into visiting sites that attempt to install malicious code. Click and… CRASH.

Links might appear legitimate but have a letter missing or altered, such as “” appearing as “”. Another trick is to embed a hyperlink that is different from the text link shown in the message. Short links from services like “bitly” and “tinyURL” are great for fitting long links into email, Twitter and Facebook messages, but can also be used to hide malicious websites.

Phishing scammers send messages that pose as legitimate companies to deceive people into giving up personal or financial information. Here again, the links and destination websites appear legitimate, such as PayPal or a bank, but are not. Any personal or account information provided could be used for identity theft.

Among the myriad of internet security threats, the prevalence of malicious URL links is rightly one from which companies want to protect their users.

Start by educating users about URL risks

It will help if users appreciate the risks associated with email URL links and can take proactive measures themselves to avoid security problems. Educate users about what to look for and what to do:

  • As a general rule, do not click links in unsolicited email. It is better to go a website yourself and find the information or page you are looking for than to risk being redirected to a malicious site.
  • Check each link to know where it goes before opening it. Online services like can retrieve the original URL for shorts links. Browser add-ons are also available and they automatically expand short links so that you can see the full hyperlink.
  • Scan questionable or unknown links for safety. Malware distributors may use “%” symbols in their URL links as a form of encoding to hide the link’s true destination. Free services are available to confirm the reputation of web links, including Norton SafeWeb, and URLVoid.

Beyond educating users of these common pitfalls, the best approach for companies is to use real-time URL scanning and protection.

Employ an email protection solution that includes policy-based link scanning

Antivirus or anti-malware software or cloud services can include this feature. It automatically scans incoming emails for suspicious URL links and flags them.  It may also scan the link again once you click on the link.

Based the policies set by administrators and the severity of the threat, one of several actions is taken:

  • Quarantine message.
  • Deny click-through.
  • Warn and allow click-through.
  • Allow click-through.

Depending on the response, some user discretion is involved, which again affirms the need to educate users about the risks involved with clicking on unfamiliar or suspicious links.

In enterprise-class email protection solutions, administrators should be able to set the URL link scanning policies for all users. These generally are based on the groups and domains to which users belong.

More about Security & Compliance