are link previews safe

Are Link Previews Safe? Threat To Your Privacy & Security

Reading Time: 3 minutes

Last Updated on March 3, 2021 by Calvin C.

Background of link previews

A link preview is a pop-up display message containing an image, text or even a video that appears when you hover over a link. Are link previews safe? To find out, keep reading..

Link previews were introduced to popular chat apps like WhatsApp as a convenient way to display a summary of contents of a URL that is shared.

The app pulls the summary from either the website’s standard HTML programming language tags or meta tags.

Although this shows innovative use of technology, from a security viewpoint your digital security may be put at risk if the feature is not properly implemented.

How does this link preview put you at risk? There is more to it…

In order for you to understand the potential vulnerability created by link previews, let’s look at how an app generates the preview.

It happens in one of 3 ways:

1. Downloading the content

Here the app or platform first downloads the content of the link first then generates the preview.

In other words, the link is not opened by the receiving user and that offers a degree of protection.

Any malicious content hosted on the linked website does not reach you, the receiving user, right away.

2. Use of an external server

In this case there is an external server that is in the middle and is responsible for generating the preview.

The challenge comes because the external server usually makes a partial copy of the information included in the link.

In that case your privacy is at risk if the link is of a document or page containing sensitive data.

According to a research done by Talal Haj Bakry and Tommy Mysk, popular social media platforms like Tik Tok have been found to spy on their users.

In addition, they discovered that these services or apps download data and the magnitude depends on the file linked.

What’s shocking is that in some cases, social media giants like Instagram or Facebook downloaded the entire file (picture or video) irregardless of how large the file was.

In addition, for you to open the link, your device communicates with the server that the link points to.

This means your IP address can easily be identified and your privacy is compromised.

3. App generates the preview

In the last scenario, the chat app or social media platform generates the preview entirely.

In this situation, it’s easy for the sending server to obtain the end user’s IP address and location.

An attacker can send URLs with link previews that point to a website containing Javascript code, hence opens the door for attackers to launch a full malware attack.

are link previews safe?

What should you do?

Since these vulnerabilities are present and app developers usually react to outcries that arise from such issues, it’s important for the end-user to be on the safe side.

There are several ways in which you can protect yourself from being a victim of a cyber-attack via a link preview.

1. Use a VPN

A VPN not only hides your real IP address, but it encrypts all your data so that you are anonymous on the web and hackers are kept in the dark.

  • Our overall VPN of choice is NordVPN because it has all essential security features and is affordable.

This VPN has a lot of security features, more than any other VPN and its pricing is not out of reach.

Features include:

  • Adblock
  • Antimalware
  • WebRTC disabling
  • NordLynx protocol based on WireGuard
  • Onion-over-browser
  • Proxy versions for popular web browsers

If you need a more tailored approach, you can also select the best VPN for your country, device or use.

2. Make sure you have a reliable antivirus

If a malware attack is mounted on your device, make sure you are prepared.

An anti-virus software intercepts popular malware and prevents attackers from stealing your sensitive information or interfering with your device’s operating system.

Get the best deals on all top antivirus software by following the link below.

antivirus deal

Make sure that the antivirus is always up-to-date and you can set it to do that automatically.

Conclusion

As the social media apps and platforms are updated regularly, you never know when link previews are safe or not.

The best you can do is to take steps to protect yourself completely using the methods highlighted above.

Your personal information should remain private and it’s your right.

That means you should guard against any unauthorized access to it because you may end up paying dearly.

Leave comments below on what you are doing to guard against security leaks via link previews. 

Take action and I appreciate your support by sharing this post with your friends. 

Tech writer and VPN expert. DIY enthusiast and loves anything to do with space science.

Leave a Reply

Your email address will not be published. Required fields are marked *