最新您知道哪些法規適用於貴公司嗎?3 分鐘內即可確認。我們誠摯的禮物:歐盟法規工具韓國法規工具
我們能為您做什麼?

透過以下方式傳訊

KakaoTalkLINE

48 小時內回覆

傳送電郵給我們 →
部落格
What Happens When You Share a Link?
網路安全

What Happens When You Share a Link?

2026年6月10日·Alex Holmquist, Panke IT Solutions LLC

Have you ever thought about what happens the instant you share a link in a messaging app? A preview card appears — title, image, blurb — which means something just fetched that URL. The only question is who. There are two answers, and each has a cost.[1]

Two categories. Client-side apps — WhatsApp, iMessage, Viber — fetch the preview from your own phone, so the website sees your IP. Server-side apps — Messenger, Instagram, Slack, X — fetch from the platform, so the platform sees your link.

Client-side — WhatsApp, iMessage, Viber. Your own phone fetches the link, so the site on the other end sees your IP address and rough location. The messaging platform may never see the link; the destination does.

Server-side — Messenger, Instagram, Slack, X. The platform's servers fetch the link. Your IP stays hidden from the destination — but the platform now sees every link you send.

Either way, the link gets fetched. That is the part security teams forget.

During an incident, it becomes a trap. Paste an attacker-controlled link into a messaging app to discuss it, and something — your phone or the platform — pings the attacker's server. They see the hit, realize they have been found, and start erasing: rotate infrastructure, wipe logs, pull payloads. One message can burn your whole investigation.

Before you share a suspicious link, know where it will be fetched from — and who is waiting on the other end.


When you share a link, who is watching the other end?


References

  1. Mysk, "Link Previews: How a Simple Feature Can Have Privacy and Security Risks" — https://mysk.blog/2020/10/25/link-previews/
擔心您的攻擊面暴露風險?

若想了解您的基礎設施在攻擊者掃描模型中的評分,請聯絡 contact@pankeit.com,進行攻擊面評估。

訂閱我們的部落格

掌握最新資安趨勢

絕無垃圾郵件,隨時可取消訂閱。

©2026 Panke IT Solutions LLC

Austin, TX