How to check if a link is safe
Content on WhatAnswers is provided "as is" for informational purposes. While we strive for accuracy, we make no guarantees. Content is AI-assisted and should not be used as professional advice.
Last updated: April 4, 2026
Key Facts
- Over 90% of phishing attacks use email links, making link safety crucial.
- Phishing attempts have increased by over 61% in the past year.
- HTTPS in a URL indicates encrypted communication, a good sign but not a guarantee of safety.
- URL scanners can analyze links for malware, phishing attempts, and suspicious redirects.
- Common phishing tactics include typosquatting and using subdomains to mimic legitimate sites.
Overview
In today's digital world, clicking on links is an everyday activity, whether it's for browsing the web, checking emails, or engaging on social media. However, not all links are created equal. Malicious links, often disguised as legitimate ones, can lead to phishing websites designed to steal your personal information, download malware onto your device, or redirect you to harmful content. Learning how to identify and avoid unsafe links is a fundamental skill for online safety.
Why Are Links Dangerous?
Links are the primary way users navigate the internet, but they are also a common vector for cyberattacks. Cybercriminals exploit the trust users place in links to achieve their malicious goals. These goals can include:
- Phishing: Tricking users into revealing sensitive information like usernames, passwords, credit card details, or social security numbers. Phishing links often lead to fake login pages that look identical to legitimate ones.
- Malware Distribution: Directing users to websites that automatically download harmful software, such as viruses, ransomware, or spyware, onto their devices.
- Scams: Leading users to fraudulent websites that might ask for payment for non-existent goods or services, or promote fake investment opportunities.
- Identity Theft: Gathering enough personal information through fake forms or surveys to impersonate the victim.
How to Check if a Link is Safe
There are several proactive steps you can take to assess the safety of a link before clicking on it:
1. Hover Before You Click
This is the most basic and often effective method. Before clicking a link, gently move your mouse cursor over it (on a computer) or long-press it (on a mobile device) without actually clicking or tapping. A small pop-up or a status bar at the bottom of your browser will display the actual URL the link points to. Compare this displayed URL with the one you expect. Look for:
- Mismatched Domain Names: Does the domain name (the part between '://' and the next '/') look different from the official website? Criminals often use slight misspellings (e.g., `amaz0n.com` instead of `amazon.com`) or add extra words/hyphens.
- Unusual Extensions: While not always a red flag, be wary of links ending in less common Top-Level Domains (TLDs) like `.xyz`, `.biz`, or `.info` if you're expecting a link to a major corporation that typically uses `.com` or `.org`.
- IP Addresses: Links that start with an IP address (e.g., `http://192.168.1.1/login`) instead of a domain name are often suspicious, especially if they are trying to impersonate a known website.
2. Examine the URL Carefully
Even if the domain name looks correct upon hovering, scrutinize the entire URL. Pay attention to:
- HTTPS vs. HTTP: Look for `https://` at the beginning of the URL. The 'S' stands for 'secure' and indicates that the connection between your browser and the website is encrypted. While most legitimate sites use HTTPS, its absence on a site where you'd expect security (like a banking or shopping site) is a major red flag. However, remember that phishing sites can also use HTTPS to appear legitimate.
- Subdomains and Path: Criminals can disguise malicious links using subdomains. For example, `paypal.com.security-update.net` is not a PayPal site: the actual domain is `security-update.net`, and `paypal.com` is merely a subdomain prefix placed in front of it. Similarly, check the path after the domain name for anything unusual.
- Special Characters and Long URLs: Extremely long URLs or those containing excessive special characters (`%`, `&`, `#`) can sometimes indicate an attempt to obfuscate the true destination.
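The checks in steps 1 and 2 can also be applied mechanically. The following Python sketch is an added example, not part of the original article: the expected-domain list, the length and encoding thresholds, the warning names and the sample links are all constructed assumptions, and the "last two labels" rule is a simplification of proper Public Suffix List handling.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumptions for this sketch: a tiny list of domains the reader expects,
# and arbitrary thresholds for "extremely long" / "excessive" encoding.
EXPECTED = {"amazon.com", "paypal.com"}
UNCOMMON_TLDS = {"xyz", "biz", "info"}      # TLDs named in the article
LOOKALIKES = str.maketrans("01", "ol")      # digit-for-letter swaps: 0->o, 1->l

def check_link(url):
    """Return a list of warning strings for the checks in steps 1 and 2."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    warnings = []
    if parts.scheme != "https":
        warnings.append("no-https")
    try:
        ipaddress.ip_address(host)          # raises ValueError for a hostname
        return warnings + ["ip-address-host"]
    except ValueError:
        pass
    # Naive registrable domain: last two labels (wrong for e.g. co.uk;
    # real tooling should consult the Public Suffix List).
    domain = ".".join(host.split(".")[-2:])
    if domain not in EXPECTED:
        # Expected name appears only as leading labels of another domain.
        if any(host.startswith(e + ".") or "." + e + "." in host for e in EXPECTED):
            warnings.append("brand-in-subdomain:" + domain)
        # Digit swap that normalises to an expected domain (amaz0n -> amazon).
        elif domain.translate(LOOKALIKES) in EXPECTED:
            warnings.append("lookalike:" + domain.translate(LOOKALIKES))
    if domain.rsplit(".", 1)[-1] in UNCOMMON_TLDS:
        warnings.append("uncommon-tld")
    if len(url) > 200 or url.count("%") > 10:
        warnings.append("long-or-heavily-encoded")
    return warnings

# Constructed sample links for illustration, not real observations.
SAMPLES = [
    "https://www.amazon.com/orders",
    "https://amaz0n.com/signin",
    "https://paypal.com.security-update.net/login",
    "http://192.168.1.1/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link) or ["no warnings"])
```

An empty result only means none of these heuristics fired; it does not show the link is safe.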
3. Use URL Scanners and Safety Tools
For links you're particularly unsure about, or if you want an extra layer of security, utilize online URL scanner tools. These services analyze the link's destination and check it against databases of known malicious sites. Some popular options include:
- Google Safe Browsing: (transparencyreport.google.com/safe-browsing/search) - You can paste a URL here to check its safety status.
- VirusTotal: (virustotal.com) - A free service that analyzes files and URLs for viruses, worms, trojans, and other kinds of malicious content.
- URLVoid: (urlvoid.com) - Scans URLs using multiple reputation engines to detect fraudulent or malicious content.
- Browser Extensions: Many security software providers offer browser extensions (like McAfee WebAdvisor, Avast Online Security, or Norton Safe Web) that automatically scan links as you browse and warn you about potential threats.
4. Consider the Source and Context
Think critically about where the link came from and why you received it. Ask yourself:
- Is the sender legitimate? Does the email address or message source match what you expect? Be highly suspicious of unsolicited emails or messages, especially those asking for urgent action or personal information.
- Is the request expected? Did you recently request information or make a purchase that would warrant this link?
- Does the message create urgency or fear? Phishing attempts often use tactics like "Your account has been compromised, click here immediately!" or "You've won a prize, claim it now!" to pressure you into clicking without thinking.
- Are there grammatical errors or poor formatting? While not foolproof, many scam messages contain spelling mistakes, awkward phrasing, or unprofessional formatting.
5. Look for Trust Signals (and their absence)
On websites, especially those asking for sensitive information, look for:
- Padlock Icon: The padlock icon in the browser's address bar, next to `https://`, signifies a secure connection.
- Company Information: Legitimate websites usually have an "About Us" page, contact information, and privacy policies.
- Professional Design: While not always indicative, poorly designed websites with low-quality images or inconsistent branding can be a warning sign.
What to Do If You Suspect a Link is Unsafe
If you've identified a link as potentially unsafe, do not click it. If you received it via email or message:
- Do not reply: Replying confirms your email address is active.
- Mark as Spam/Junk: Use your email client's features to report the message.
- Delete the message: Remove it from your inbox and trash.
- If it's from a known service (e.g., bank, social media): If the message claims to be from a service you use and requires action, go directly to the official website by typing the URL into your browser or using a trusted bookmark. Log in and check for any notifications or messages there.
Conclusion
Staying vigilant and employing these simple checks can significantly reduce your risk of falling victim to online threats. By combining technical checks with critical thinking about the source and context of links, you can navigate the digital world more safely and confidently.