SiteAlertAI SiteAlertAI
โฌก Web Scan ๐Ÿ”’ SSL/TLS ๐Ÿ“ฌ MX Record โœ‰ Email Header ๐ŸŽฃ URL Check ๐ŸŒ IP Geo
โฌก Web Scan ๐Ÿ”’ SSL/TLS ๐Ÿ“ฌ MX Record โœ‰ Email Header ๐ŸŽฃ URL Check ๐ŸŒ IP Geo
โ† All articles
Phishing 2026-03-02 ยท 5 min read

How to Safely Check a Suspicious Link Without Clicking It

The safest rule with an unexpected link is simple: do not click it. But you often still need to know where it leads. Here is how to inspect a suspicious URL without exposing your device or credentials.

Inspect it manually first

  • Hover, do not click โ€” on desktop, hovering shows the real destination in the status bar. On mobile, long-press to preview the URL.
  • Read the domain right-to-left โ€” the true site is the part just before the first single slash. In login.paypal.com.secure-verify.ru/xyz the real domain is secure-verify.ru, not PayPal.
  • Watch for look-alikes โ€” rn posing as m, a digit 0 for o, or extra hyphens and words.
  • Expand shorteners โ€” bit.ly and similar hide the destination; never trust a shortened link from an unknown sender.

Let a scanner open it for you

A URL scanner fetches and analyses the link in an isolated environment so you never have to. Our free Is This Link Safe? checker examines the domain age, redirect chain, TLS certificate, hosting, and reputation across 20+ security vendors and 24 blocklists โ€” and flags typosquatting, dangerous schemes and credential-harvest patterns โ€” all without you visiting the page.

If you already clicked

Do not enter any credentials. Close the tab, run an anti-malware scan, and if you typed a password anywhere, change it immediately and enable two-factor authentication on that account.

Put this into practice
Run a free, private scan โ€” no login, nothing stored.
๐Ÿ›ก Web Scan ๐Ÿ”’ SSL/TLS ๐Ÿ“ฌ MX & Email ๐ŸŽฃ URL Check

Related articles

Phishing How to Spot a Phishing URL Before You Click Phishing links rely on small visual tricks. Learn the red flags and how to check a link safely. Phishing Phishing Techniques Explained: How Attackers Trick You From typosquatting to homograph domains and open redirects โ€” the tricks behind phishing links and how each one is detected.
SiteAlertAI · © 2026 All rights reserved · Built for security professionals and developers.
Blog Privacy Terms About Contact Social

⚠ For authorised security testing only. Scanning domains you do not own may violate laws in your jurisdiction. SiteAlertAI accepts no liability for misuse. CVE data is indicative โ€” verify with NVD.