Queasy about a link in an email, a message, or in search results perhaps? Find out here how to test a link for phishing and security without opening it, and what to do when you suspect phishing.

First, the Hidden Landing Pad Marks on Flowers

are visible to you if you are a bee, for example, and see ultraviolet light. These bull’s eyes alert and guide bees to the sugary nectar (and the pollen, of course).

By taking pictures in the ultraviolet and mimicking the colors bees’ eyes see most intensely, one can make the landing pads visible to human eyes.

Now, the flowery landing pads lead mostly to the good stuff; the internet, as you well know, is also mostly good. To make visible the few dangerous sites and pages, let us deploy a certain kind of “UV” vision:

How to Test a Link for Phishing (without Opening It)

To find out whether a suspicious link and URL—from an email, for instance, or received via a social network or a messaging platform—is safe to open:

  1. Important: Do not click, tap or open the link.
    • Consider every link suspicious unless you have a good reason not to do so. See below for more characteristics of a dangerous link.
  2. Copy the link’s URL.
    • Tip: Typically, you should be able to click with the right mouse button, tap with two fingers or tap and hold to bring up a context menu that lets you copy the link’s address, location or URL.
  3. Expand any shortened URLs to their full size and target.
    • Tip: Use a short URL expander; some will check a link’s safety in addition to expanding it.
  4. Use an online check for safe browsing on the expanded URL.
  5. If the link, after all these checks takes you to a page that has you log in to a banking, shopping or other site that holds or has you submit sensitive data:
    1. Open the institution’s official site or app.
    2. Log in manually using the app or page.
  6. If the link results in a file downloaded to your computer:
    1. Make sure to check the file with a virus scanner, either on your machine or online; here are the best free online virus scanners for suspicious files.

How to Test a Link for Phishing (without Opening It): FAQ

What should make me look suspiciously at a link?

Everything. Consider every link suspicious until and unless you have a good reason to believe it is safe.

Typical things that should raise flags:

  • The link is in an unsolicited message whose sender you cannot verify—via email, a social network, messaging, etc.
  • The link pretends to go to a safe, official site when it will actually take you to a phishing page.
    • Examples: Look for things like
      https://myaccountverification-paypal.ga/… or
  • The link uses a URL shortener; instead of a long address, you will see a shorter one that redirects to the eventual target page.
    • This, by itself, is nothing sinister, of course. URL shortening services offer easy to share, compact links that add tracking for the owner on top.
    • The shortened URL does not, however, allow you to see where you will end up right away, which should make you treat the link as suspicious initially.
    • URL shortening services include TinyURL, Bit.ly, t.co, goo.gl, ow.ly, x.co and many, many more.

Can my browser not check links automatically?

Yes, it probably can:

(How to test a link for phishing (without opening it) tested with desktop browsers; updated July 2018)