Intercom

When you hover over URLs in an any inbound conversations, you will see a tooltip appear that gives a URL preview. This is especially helpful for hyperlinked text and images.

If you click on an untrusted link, you'll see a message pop up which says:

You're about to leave Intercom. <br>[Domain name] isn't a trusted domain and may be unsafe. Make sure you review the link before opening it.

To reduce risk around clicking malicious links that may be hidden in conversations sent to your Help Desk, we recommend you always take a moment to check the URL to confirm it is something you would expect to see and it seems safe.

To read more about how to spot phishing attempts, we recommend reading <a href="https://www.cisecurity.org/insights/blog/a-short-guide-for-spotting-phishing-attempts" rel="nofollow noopener noreferrer" target="_blank">this short guide from the Center for Internet Security (CIS)</a>.

Links from trusted domains you've added to Intercom won’t trigger these link warnings. 

The following domains can be allowlisted:

<a href="https://www.intercom.com/help/en/articles/4418-list-trusted-domains-you-use-with-your-messenger">Trusted Messenger domains</a>

<a href="https://developers.intercom.com/docs/guides/help-center/custom-domains/" rel="nofollow noopener noreferrer" target="_blank">Help Center domains</a>

<a href="https://www.intercom.com/help/en/articles/7834162-configure-a-custom-domain-for-email-assets">Link branding domains</a>

<a href="https://www.intercom.com/help/en/articles/182-sending-email-from-your-own-address#verify-your-domain">Verified email domains</a>

Domains you manually list in <a href="https://app.intercom.com/a/apps/_/settings/attachment-settings#links" rel="nofollow noopener noreferrer" target="_blank">Security settings</a>.

- Intercom owned domains
- <a href="https://www.intercom.com/help/en/articles/4418-list-trusted-domains-you-use-with-your-messenger">Trusted Messenger domains</a>
- <a href="https://developers.intercom.com/docs/guides/help-center/custom-domains/" rel="nofollow noopener noreferrer" target="_blank">Help Center domains</a>
- <a href="https://www.intercom.com/help/en/articles/7834162-configure-a-custom-domain-for-email-assets">Link branding domains</a>
- <a href="https://www.intercom.com/help/en/articles/182-sending-email-from-your-own-address#verify-your-domain">Verified email domains</a>
- Domains you manually list in <a href="https://app.intercom.com/a/apps/_/settings/attachment-settings#links" rel="nofollow noopener noreferrer" target="_blank">Security settings</a>.

<b>When manually listing domains, be aware that: </b>

- We don’t automatically validate domains, so any errors e.g. spelling mistakes won’t be proactively flagged.
- We do automatically check to confirm the domain is in the right format.
- Domains should be comma separated. Commas can be followed by a space or not; the list will work either way.
- To mark all your subdomains as trusted, use an asterisk as a placeholder like this: <code>*.example.com</code> 

Link warnings are active by default unless you have explicitly chosen to deactivate them.

By configuring your trusted domains, you can reduce how often your teammates see link warnings; only showing them on domains you don’t know and don’t trust.

However, you may still wish to deactivate link warnings, e.g. if you have your own security measures in place that reduce the risk of teammates clicking potentially malicious links.

Teammates with <a href="https://www.intercom.com/help/en/articles/176-permissions-how-to-restrict-access-for-some-teammates">permission</a> to manage Security settings can disable these warnings in the <a href="https://app.intercom.com/a/apps/_/settings/attachment-settings#links" rel="nofollow noopener noreferrer" target="_blank">Attachments and Links</a> section in Security settings. When you do that you’ll see your name and the timestamp recorded in the Settings page and activity logs.

How to check if URLs in inbound messages are safe and reduce risk of teammates clicking malicious links.

Preview links in inbound conversations to check they’re safe to follow

Community

Product Changes

Home

Developers

Webinars

Blog

About

Academy

Terms

Developer Hub

Privacy

Resources

Support

Company

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

Tickets

Português do Brasil

English

Français

Deutsch

日本語

Español

url(https://downloads.intercomcdn.com/i/o/509732/367f21e8ea49a0c1ead55ab2/5c8521cacae2cb425d976e25ded58a58.png)

Checking inbound conversation links

Trusted domains

Managing link warnings

💡Tip