Email Phishing Links: How to Inspect a Link Before Signing In
How to inspect links in suspicious emails before entering credentials or approving a payment.
Sender and link must both make sense
A familiar sender name is not enough. Check the sender domain and the link destination separately. Attackers often spoof display names.
Hover, copy, or inspect carefully
On desktop, hovering can reveal the URL. On mobile, long-press previews may help. Do not open the link if the preview looks strange.
Login pages deserve caution
Unexpected login prompts are high risk. If the email says your account needs action, visit the official site directly instead.
Business email risk
Invoices, vendor updates, payroll changes, and document links can create financial risk. Verify through a separate channel before acting.
What CheckLink checks
CheckLink can inspect the link destination and email sender pattern signals. Reports can add more context when business impact is involved.
Checklist
FAQ
Should I click to see where it goes?
No. Use a link checker or inspect the URL without interacting with the page.
What if I entered my password?
Change it from the official site, sign out other sessions, enable MFA, and report it if it was a work account.
Related guides
Use CheckLink before the next click
CheckLink provides risk signals and review paths. It does not guarantee that a website is risk-free.