Phishing links are engineered to look trustworthy for just long enough to capture a password or payment. Understanding the common techniques makes them far easier to spot.
Domain deception
- Typosquatting — registering misspellings of real brands (
amaz0n.com). - Combosquatting — adding trust words:
apple-account-verify.com. - Homograph / IDN attacks — Unicode characters that render identically to Latin letters.
- Subdomain spoofing —
paypal.com.attacker.net, where the brand is only a subdomain.
Redirection and obfuscation
- Open redirects — abusing a trusted site's
?url=parameter to bounce you to a malicious page. - Numeric / hex IP hosts and long encoded blobs that hide the true destination.
- Free hosting and site builders used to stand up throwaway phishing pages quickly.
Delivery pressure
Urgency (\"account suspended\"), authority (\"IT department\"), and fear are used to rush you past your instincts. Slow down: legitimate organisations do not ask for passwords by link.
Check any link safely
Our URL safety checker automatically tests for every technique above — typosquatting, homographs, open redirects, dangerous schemes, young domains and vendor reputation — so you get a clear verdict before you click.