6 Free Cybersecurity Tools

Easy & Free CyberSecurity Tools

Why do you need free cybersecurity tools? If you have ever worried about clicking a link, then you need to use cybersecurity tools. If you've never wondered about whether or not a link or an attachment is safe, then you definitely need to use these free cybersecurity tools! And the 5 free cybersecurity tools below are a great place to get started to better cybersecurity for your company! So...

  • Should I click this link?
  • Is this link safe to click?
  • Is this attachment safe?
  • Is my own website safe & secure?
  • How do I create a good password?

Maybe everything seems normal and legitimate, but you're not quite sure because your gut is saying otherwise. Whether it's a link in a website, a link from a form submission, a link in an email or an email attachment, or a link in a document, you can use these free online security resources to help you determine if the link is safe.

And don't just rely on one possibly outdated security program you might have installed on your computer years ago. These cybersecurity resources for small businesses use multiple tests in their analysis and reporting. They're quick and easy to use by simply copying and pasting a link into a testing tool, or by uploading a questionable file like a PDF or Word docx file to the testing tool.

So instead of clicking the link to open it and taking a chance that it might have malware, ransomware, a virus, etc., you need to copy the link URL (the address) of the questionable link...

  1. Right-click a suspicious link in an email, PDF or other document; this will not open the link if you do it correctly. To learn how to right click properly on your device, please go to Google or YouTube and search for "how to right click on a windows / mac / chromebook" and insert your type of computer; For example... "mac", "windows", or "chromebook".  If you're using a laptop and using the touchpad instead of a mouse, include the word "touchpad" in your search.
  2. In the popup choices after right clicking on the link, click on "Copy link address" (for Windows and Chromebook operating systems). On a Mac computer, control-click the link and choose Copy Link. (View image of this)
  3. Go to one or more of the website security tools listed below and paste in the URL you just copied. Wait for the brief analysis that will run for the link you provided, and then see whether or not you can trust the link and/or the website in question.

How To Copy A Link Address (URL)
Show less

#1 VirusTotal - Free
Free security check for  Files, URLs, Domains, IP Addresses and more
Best for: Checking specific web pages, entire domains and files such as PDFs, docx and more.  You can check multiple pages on your site or other websites
https://www.virustotal.com/gui/home/url

VirusTotal was founded in 2004 as a free service that analyzes files and URLs for viruses, worms, trojans and other kinds of malicious content. Since then, it has become a widely used ecosystem where everyone contributes and everyone benefits, working together to improve internet security.

VirusTotal is easy to use and helps you analyze suspicious files and URLs to detect types of malware. It also automatically shares the results with the security community to help protect everyone. This tool checks with over 80 security vendors to see if any of them have flagged a URL, file, domain, etc. as malicious. By aggregating security data from so many sources, this tool provides an excellent analysis for your security issue. Try a test at https://www.virustotal.com/gui/home/url.

Show More About VirusTotal
Show less

#2 Sucuri SiteCheck - Free
Free website security check & malware scanner
Best for: Checking Domains and Specific URLs - Check multiple pages on your site or other websites
https://sitecheck.sucuri.net

Sucuri is one of the top rated website security companies for WordPress websites. This scan also works on old HTML sites, PHP sites, Joomla and others. Just enter a website address (URL), like example.com, and the Sucuri SiteCheck scanner will check the websites for

  • malware
  • viruses
  • blacklisting status

  • clickjacking
  • DDoS attack code
  • spam injection

  • malicious code
  • website errors
  • out-of-date software

You should avoid visiting sites that are known to have malware, viruses, malicious code, etc. Additionally, you check your own website to see if it is safe and secure.

You can also install Securi website security on your own website.

They are especially well known for having one of the best malware removal services and for their Web Application Firewall (WAF).

Additionally, Sucuri protects your website from hackers, malware, DDoS attacks, suspicious redirects, rogue iframes, link injections and even alerts you if your site is blacklisted. In addition to providing WordPress website security, they help secure websites running on Joomla, Drupal, PHP, .NET and older sites using HTML.

Show More About Sucuri SiteCheck
Show less

#3 Sucuri Unmask Parasites - Free
Focused test to reveal hidden, illicit links and redirects maliciously inserted into your website
Best for: Website owners to check your own website(s) for parasitic hacks
https://unmask.sucuri.net/

Sucuri's Unmask Parasites tool identifies hidden, illicit content that may have been maliciously inserted into your website, without your knowledge or consent, through security vulnerabilities in your website. Just like in nature when a parasite attaches itself to a host (think about ticks), the parasite benefits from a prolonged, involuntary and undetected close association, which is harmful to the host. It's the same thing on your website if you get a parasitic hack.

One parasitic method hackers use is to maliciously insert hundreds of hidden links into web sites in order to advertise medications (often ED meds and supplements), cheap loans and porn, etc. About fifteen percent of all web pages tested with this tool have shown parasitic infections.

Another example of hidden malicious content is a method where hackers steal your search engine click-through visitors from Google results where rank high,  and they redirect those people intending to visit your website to completely different web sites owned by spammers. So people who want to see your website never get to it.

Parasitic redirects are hard to detect because...

  1. How often do you lookup your own company on Google?
  2. And when you hopefully see yourself ranking well in the search results, how often do you actually click on your website's link in those search results to test it?
  3. how often do you carefully read every page of your website so you might notice some illicit inserted links?

If you're like most small companies, then not very often, if ever. And this is why random, malicious insertion of nefarious links on your own website are extremely hard to notice. And this is why your company needs a comprehensive WordPress website security plan.

So parasitic hacking is a serious problem. It steals your traffic. It will, over time, cause you to lose ranking in the Google search results. It might even result in Google banning your website from the search results because your website just looks like a scam to the search engine algorithms. Plus, it can seriously damage your reputation among your customers and potential customers.

At Baer Web Design, we spend a lot of time tracking, evaluating and improving search results for our clients. Part of that process is clicking on our clients' competitor websites in the search results to analyze what is helping them rank as well as to see what cool things they might be doing on their websites. We have seen more and more parasitic "pharma hacking" among those competitor websites in the past few years because it works for the hackers.

Among B2B small business websites, parasitic hacking often goes undetected for months and months. Meanwhile you're unknowingly suffering damage in many ways. Among our clients, however, it has not happened so far because we implement extensive WordPress website security measures.

So for your website, you can either constantly search for your own website on Google and test the links, and carefully read every page of your website frequently to look for hacked links, or you can just run Sucuri's Unmask Parasites tool monthly. That's the quick, easy and free solution to avoid what can otherwise be a devastating hack against your company.

Learn more / FAQs: https://unmask.sucuri.net/service-faq/general/#1

Show More About Sucuri Unmask Parasites
Show less

#4 Google Transparency Report / Google Safe Browsing - Free
Identifies unsafe websites across the web and and allows individuals to check the safety of specific web pages
Best for: Checking Domains and Specific URLs
https://transparencyreport.google.com

The Google Transparency Report's Safe Browsing technology analyzes billions of web pages daily looking for unsafe websites. But you can also use this tool to see whether a specific website is dangerous to visit. Just copy the web address URL and paste it into the "Search by URL" field.

Thousands of new unsafe sites are found daily with Google's Safe Browsing technology. Many of these websites are legitimate websites that have been hacked. When Google detects unsafe sites, warnings are shown on Google search results and in web browsers. These warnings are designed to prevent users from visiting harmful sites and help them stay safe online.

So use this tool, for example, to check out the safety of a web page that was linked to in your email. Or when you're reading content on a site that suspect is kind of sketchy, use this tool to check out any links on that page before you click them! And check out the sketchy web page as well, by copying and pasting it's URL address into the Safe Browsing tool. It's quite simple... be suspicious of links and use the Google Safe Browsingtool to check them out.

Show More About MetaDefender Cloud
Show less

#5 MetaDefender Cloud - Free
Advanced threat prevention and detection for documents
Best for: Testing individual files like PDFs, Word docx files, etc. for malware.
https://metadefender.opswat.com/

File-based attacks are the most common method of cyber-security breaches in organizations. Is your company protected against one of your employees carelessly opening a malicious PDF file, Word doc or other email attachment? Is the person who sent the email legitimate? How do you even know which attachments are safe and which are not? Maybe it's important, so you just open open it! STOP! Check it on MetaDefender Cloud! As MetaDefender says, “Trust no file”!

This service is an easy and free cloud based security scanning tool that allows even small companies to increase their cybersecurity. Just upload and scan a file for viruses and then 30+ anti-malware engines will render a safety judgment in less than 10 seconds!

You can also copy and paste a URL link to a file, a web page, a domain or an IP address, but in our tests, this scanning method shows results for significantly fewer anti-malware engines vs. uploading an actual file.

So when you're not 100% sure, just scan it and protect your company against data breaches, ransom attacks and much more!

Show More About MetaDefender Cloud
Show less

#6 Password Strength Test - Free
Test the strength of your passwords with this free tool that measures 16 password strength criteria; From the University of Illinois at Chicago.
Best for: Everyone, or anyone who uses passwords!
https://www.uic.edu/apps/strong-password/?utm_source=pocket_mylist

A good password can make all the difference in the world between being safe online and getting hacked. In 2021, Microsoft studied over 25 million brute force attacks against login pages on "honeypot" servers they set up specifically to attract hackers.  The results were eye opening and show just how important and easy it is to take a few simple steps to substantially improve your password strength.

  • "77% of [brute force login] attempts used a password between 1 and 7 characters". This means that if you make your password at least 8 characters or longer, 77% of brute force attacks won't have any chance of breaking your password.
  • "A password over 10 characters was only seen in 6% of cases”. So make your password over 10 characters and then 94% of password hacking attempts against your logins will fail.
  • "...only 7% of the brute-force attempts he analyzed in the sample data included a special character." So if you add a special character ($, &, %, #, @, etc.) to a password longer than 10 characters, you're really making a bullet-proof password.

Other incredibly effective password hardening techniques include using numbers, mixing upper-case letters and lower-case letters, and even using a space between words, if the password setup allows this.

So make your passwords impossible for computerized brute force attack bots to guess using these password techniques. And they surely find your login pages and make educated guesses using known patterns like dates, names, locations.  And the brute force attackers will even run lists of stolen passwords through your login pages as well as any known information about you that might be associated with your email address or stolen login user names. So again, make your passwords almost impossible to hack, and test the strength of various password variations using the password strength test from the University of Chicago.

Additionally, be sure to check out these 11 WordPress Security Solutions for your website.

Show More About How To Create Effective Passwords
Show less

Small Business Computer Security Solutions

There are three security small business security solutions that we use and recommend. These are great for individual computers and mobile devices like phones. They are made for private individuals and businesses of any size. These are paid subscription services. Some have free versions as well.

AVAST Antivirus - https://www.avast.com

Avast is primarily an antivirus security tool and also has a great VPN. Avast can be installed on computers, phones and tablets. It's great for individuals or businesses of any size. Avast also has a very good VPN - a virtual private network. VPN's

Malware Bytes - https://www.malwarebytes.com

Malwarebytes is primarily a scanner that scans and removes malicious software, including rogue security software, adware, ransomware and spyware. It runs nicely in the background without interfering with your workflow.

VPN's - Virtual Private Networks

A VPN is basically a private, encrypted tunnel from your computer to the computer server hosting the web page(s) you're browsing.

Using a VPN means that you can't be tracked and watched because your traffic is encrypted. Any time you're on a website where you have critical and/or private information, you should use your VPN. Any time you're on a public network,you should absolutely use a VPN. Even using a VPN on a regular basis is helpful. It prevents your internet service provider from tracking your web activity and selling that data to the highest bidder.

Two VPN's that we recommend are:

AVAST VPN - 33% off Avast SecureLine VPN

Private Internet Access VPN - https://www.privateinternetaccess.com