Skip to site content

How to spot a suspicious link

The internet, social media and email are all connected by an almost endless web of hyperlinks. Hackers once used fishy email attachments to get at your sensitive data. Now, they can use links to hide sites with malicious code. When you are browsing the web it can seem impossible to be sure if a link you are about to click is safe.
Look for the following signs that the link isn't going to lead you were it seems:

The link is in an unsolicited email

If you aren't expecting the email, then that could be a good sign that the link isn't what it seems. Be on the lookout for emails that have misspellings, seem urgent or request you to sign-in. Check and see who the sender of the email is. Hackers will often try to impersonate a trusted sender, such as your bank or your boss. If you aren't sure of the source of the email, take the time to call the sender and verify.

The link is "shortened"

Shortened links happen when someone uses a service to generate a short version of long URL. Short links are useful for relaying long links or sharing to microblogs, like Twitter. They can also hide dangerous websites. You can hover over the link to see the actual URL in most email services.
Hover your mouse over suspicious links
If you can't tell by hovering, use one of these websites to expand the link:
Remember, if you aren't sure, don't click the link. Instead, copy and paste it into one of the sites above to see where it is taking you.

The link is in a message

Text messages, Facebook Messenger, Slack and others are a great way to connect with each other. The popularity of these services also makes them a great tool for hackers to exploit. If you receive a link through one of these services, even from someone you know, be cautious before you click. Hackers will gain access to an account and use those contacts to spread malicious links. Some messaging tools give you a preview of the link that can help you decide if it is safe. Even on mobile, you can use the same steps to check the safety of a link.
On iOS, tap and hold the link and use the menu that appears on the bottom of your device to copy the URL.
On Android, long-press the link and select "Copy URL".
You can then open your browser of choice and visit a link checking site to see if the link is legitimate.

Stop. Think. Connect.

Before you click a link always remember to Stop, Think, and Connect.
  • Stop before you click and look at the source of the link.
  • Think about the timing, were you expecting this email?
  • Connect the dots, is anything about the message fishy?
Remember to visit for more articles on how to stay safe online.
- Enter Your Location -
- or -