ONLINE – All systems functioning normally

Safe Access to Sensitive Onion Resources

Before you open any onion link, you should understand how to verify its authenticity, whether it is an official address or a mirror, and how to minimise the risk of phishing and malware.

How to evaluate links and mirrors

Onion links are not human-readable, which makes it easy for attackers to create fake addresses that look almost identical to the real ones. This is why you should never blindly trust random links shared on forums, social networks or screenshots. Always cross-check a link using multiple, independent and reputable sources.

A common best practice is to compare a link against a cryptographically signed reference, such as a PGP-signed announcement from an official project. If you cannot verify the signature or the source looks suspicious, treat the link as unsafe and avoid clicking on it.

Recommended workflow for safe access

  1. Install the official Tor browser from the Tor Project website and keep it updated.
  2. Make sure you are not running additional extensions that could deanonymise you.
  3. Verify that the onion link you plan to open is published on an official, signed channel.
  4. Check whether the link has been unchanged over time; frequent changes can be a red flag.
  5. When in doubt, do not proceed. It is better to miss a site than to expose your device to malware.
Get Tor Browser Ask about verification

Primary access

A primary access link should come from an official source, ideally backed by a digital signature. Do not rely solely on screenshots or unverified lists posted by strangers.

Example “Link”

Mirrors

Mirrors are alternative addresses used when the main resource is unavailable. Treat them with extra caution and always confirm that they are officially announced.

Example “Mirror”

Official resources

When a project publishes an “official” address list, it should clearly indicate how you can verify that list. Prefer signed announcements over plain text posts or copy-pasted URLs.

Example “Official link”

Three key principles for safe link usage

Regardless of which onion website you want to visit, these three principles dramatically reduce your risk: use the Tor browser correctly, verify every link, and keep your operational security strong.

Verify before you click

Treat every onion link as untrusted until you confirm that it is authentic. Compare it with official documentation, signed statements and multiple independent sources.

Separate identities

Do not mix your real-world accounts with privacy-oriented browsing sessions. Use distinct email addresses, usernames and passwords that you never reuse outside of a Tor context.

Harden your device

Keep your operating system up to date, enable disk encryption and disable unnecessary software that could leak data about your activity, such as auto-sync services and invasive antivirus suites.