21 Tips to Check If a Link Is Safe Before You Click
Last Updated:
We’ve all seen ’em. Those sketchy-looking links that show up in emails from time to time. You know the ones I’m talking about – they just don’t look quite right.
Maybe the URL is weirdly long or complex, or the link text itself seems “off” somehow.
Well here’s the deal folks: If an email link looks shady, it probably is.
In fact, strange links are one of the most common ways hackers and scammers try to trick you into visiting malicious websites, downloading malware, or giving away sensitive info.
Clicking a bad link even once can spell disaster for your computer, your data, or worse – your wallet!
But have no fear, I’ve compiled my top 21 tips to help you check if a link is safe before you click.
Master these and you’ll be well on your way to an inbox that’s squeaky clean and super secure. Let’s dive in!
When in Doubt, Throw It Out!
Let’s start with the most important tip of all: If you have even the slightest doubt about whether you should click a link in an email, DON’T DO IT!
Your gut instinct is almost always right when it comes to spotting scam links.
If a link looks “off” for any reason, listen to those alarm bells in your head. Better to err on the side of caution than risk clicking something dangerous.
You’re not going to miss anything important by skipping one weird link. When it doubt, throw it out!
Check the “From” Address
Is the email really from who it says it’s from?
Hover over (but don’t click!) the sender’s name to see the full email address. If it looks suspicious or doesn’t match the company it claims to be from, delete that sucker!
Scammers often use fake “From” addresses to make their emails seem legit.
Hover Before You Click
When it comes to links, a healthy dose of suspicion is your best friend. Before clicking anything, always hover your mouse over the link first.
This will show you the actual URL it leads to. If the URL looks strange or doesn’t match what the link text says, steer clear!
Look for a Sense of Urgency
Scammers love to make you think you need to act RIGHT NOW.
But legit companies respect that you have a life. If an email is all “urgent action required!!!” odds are it’s phishy.
Take a deep breath and don’t let anyone rush you into clicking a questionable link.
Beware the “Login” Link
Getting an email claiming you need to login to your account to update info or check a message?
Be very careful. Legitimate services will almost never send you login links out of the blue.
Navigate to the site yourself to login. Clicking email login links is just asking for trouble.
Check for Typos and Weird Spellings
Scammers often try to make their malicious links look legit by using URLs that are juuuust a little off from the real thing.
Keep an eagle eye out for typos, extra characters, or weird spellings in links (amaz0n.com, micr0soft.com, etc.). Real companies don’t make those mistakes!
Watch Out for Sneaky “Look-alike” Links
Beware of homograph attacks! This is a tricky one, folks.
Scammers can use characters from different alphabets that look identical to letters in legitimate domain names.
So “apple.com” might actually be “аpple.com” – can you spot the difference?
It’s a Cyrillic “a” instead of a Latin one!
If something seems off, copy and paste the URL into a text editor to reveal any hidden trickery.
Don’t Fall for “Free” Anything
I’ll admit, those “You’ve won a free iPad!” links can be mighty tempting.
But let’s be real – legit companies aren’t in the habit of giving expensive stuff away to random people over email.
Anything claiming you’ve won a prize or offering something for free is almost certainly a scam. Don’t take the bait!
Strange Link? Google It First
Not sure if a link is safe? Do a quick Google search on the URL or link text before clicking.
If it’s a known scam, you’ll likely find info warning you to stay away.
When in doubt, let Google be your guide. A few seconds of searching can save you a world of hurt.
Or Better Yet, Virustotal It!
For extra link-checking power, you can’t beat VirusTotal.
This free service lets you enter a suspicious URL and instantly see if it’s been flagged as malicious by any major antivirus engines.
It’s my go-to tool for on-the-fly link safety checks. If VirusTotal says a link is sketchy, you better believe I’m not clicking!
Careful With Those “Security Alerts”
You just got an urgent email about a problem with your account, and you better click this link right away to fix it!
Yeah…no. This is a classic phishing tactic. Real security alerts will never ask you to click a link.
They’ll direct you to visit the site yourself. Be very wary of links in unsolicited “alert” emails.
According to the Federal Trade Commission, phishing scams cost Americans over $10 billion in 2023. Don’t let yourself become a statistic!
Short Links Can Mean Long Trouble
Sure, link shorteners like bit.ly or tinyurl.com can be convenient.
But they can also easily mask a sketchy link. If an email contains a short link and you really MUST click it, use a link expander service first to see where it actually leads.
Personally, I steer clear of clicking short links in emails altogether. Not worth the risk!
Didn’t Order It? Don’t Click It!
Look, if you didn’t buy something, you’re not getting a shipping notification or receipt for it. Period.
Fake “order” and “shipping” emails are a favorite trick of scammers looking to sucker you into clicking bad links.
Unless you know you made a purchase, send those suckers straight to the trash.
Got a (Real) Update Alert? Go to the Source
Software update links in emails are super sketchy 99% of the time. If you really do need to update something, close that email and open the actual program itself.
Almost all software worth its salt has built-in update systems that don’t rely on email links. Let the app do its job and fuggedabout that link.
Double Trouble: Links and Attachments
You know what’s even worse than a sketchy link?
A sketchy link AND a suspicious attachment, together in one terrible email.
It’s like a scammer double-whammy. Avoid avoid avoid! No legitimate sender will ask you to click a strange link to download an unexpected “important document.” Danger, Will Robinson!
Stick to Your Own Inbox
Here’s a bonus tip for all you shared computer users out there.
Even if YOU’RE a link-checking master, you can’t always count on your kid, friend, or SO to be as savvy.
Keep yourself extra safe by never clicking email links from other people’s inboxes.
They might have fallen for a trap you’d have spotted in a heartbeat!
When the Link is Mia
Ever get an email that LOOKS like it should have a link or download button…but doesn’t?
Major red flag alert! This is a common tactic scammers use to avoid getting flagged by spam filters.
They want you to reply to the email to ask for the link. Nooope, don’t fall for it! No reply, just delete.
Locked Pdfs Are a No-go
You know those PDF “invoices” and “statements” that demand a password to unlock them?
Hard pass, my friends. This is a classic way baddies trick you into enabling macros and running malicious code.
I don’t care if it looks like it’s from your bank, the IRS, or your dear sweet Nana.
If you didn’t request a locked PDF, it’s probably bad news.
When in Doubt, Go to the Source
Not sure if that “account alert” link is legit?
Need to update your billing info? Want to check on a fishy looking “order”?
Don’t chance it by clicking directly! Instead, open a fresh browser window and navigate to the company’s website yourself.
Login as normal from there. Takes an extra minute but is WAY safer than risking it on a scammer’s link.
And Finally, a Word on HTTPS
Now, you might have heard that an “https://” at the beginning of a URL means a site is totally safe. And it’s true that HTTPS is definitely preferable to plain old HTTP.
It means the connection is encrypted, making it harder for bad guys to intercept any sensitive info you share.
But here’s the thing: HTTPS alone doesn’t guarantee a site is legit.
Plenty of scam sites use HTTPS these days too. So while a lack of HTTPS is a definite red flag, its presence doesn’t automatically mean you’re good to go.
Still gotta use those smart link-checking skills!
Educate Your Friends and Family
Now that you’re a link-checking pro, spread the word!
Share this article with your friends and family, especially the less tech-savvy ones.
The more people know about spotting unsafe links, the harder it is for scammers to succeed. Encourage your loved ones to be cautious clickers, and offer to be their go-to resource if they’re unsure about a link.
Together, we can create a safer online community!
Now, I know we covered a lot of ground here. But when it comes to staying safe online, you really can’t be too careful.
Scammers and hackers get smarter every day, which means WE need to level up our link smarts to boot.
In 2023, the FBI’s Internet Crime Complaint Center (IC3) received over 880,418 complaints related to phishing and other email scams, with adjusted losses exceeding $12.5 billion.
Don’t become a victim – be proactive about your email safety!
Look, at the end of the day, the best way to avoid bad links is to stay alert, use common sense, and THINK before you click.
No amazing offer is worth compromising your data or device. And if something seems too good to be true in an email, you can bet your bottom dollar it is.
Happy safe clicking everyone!
RE: Jerry's comment - Ditto...
Binod Bharati, I have viewed several of your articles and I find the useful information. I will view them more as I Thank You for all your work. Look forward to the next ones. Jerry
Thank you so much, Jerry! I'm glad you're finding my articles helpful. I appreciate your support.
Thanks, Michael.