Imagine: a newsletter of an online shop you like drops in your inbox’s spam folder. You open it anyway—after all, it’s not unusual for these emails to be incorrectly marked as spam. Not all components are loading as they should, but it looks convincing enough for you to open the link to see more. Once on the page, you sense something’s off. You take a closer look at the URL bar and realize this uncanny valley feeling is not unwarranted—it’s similar enough, but not the actual website. You’ve accidentally ended up clicking on a scam link.

Creating a spoof website remains a popular phishing technique among cybercriminals, and it can, unfortunately, convince unsuspecting users to give up their sensitive information themselves. Let’s learn how to check if a link is safe before clicking it to dodge such scams and stay safe online.

Why should you check if a link is safe?

It’s really simple—by opening an unsafe link, you risk your digital safety and put your private data at risk. Scam links are a prominent tool in phishing campaigns. Their goal is to get you to inadvertently reveal valuable personal information yourself. Phishy links aim to trick the user by imitating a reliable service. By the time you realize the website you visited wasn’t real, your data may already have made its way to the dark web.

Scam link campaigns try to toy with the users’ emotions and rationale. They often build a sense of urgency, for example, by convincing the user that there’s a problem with an account or a transaction. Likewise, they want to build trust with the target by imitating the service the user would otherwise believe to be real.

Your login details are valuable to scammers for a few reasons. One, they can sell credentials in bulk on the dark web for profit. Two, users still often reuse the same password for multiple accounts, meaning that breaching one can open the doors to many others, including governmental, medical, or banking accounts.

Speaking of banking, scam sites frequently replicate e-commerce pages, as fake purchases allow hackers to collect users’ payment information, like credit card numbers. They can then use this data in financial scams, like falsified tax returns or money laundering.

Personal addresses can also be stolen via scam sites, allowing hackers to spam not just your digital inbox, but your physical mailbox as well. Your address can then be falsely used to register fraud companies or to forge your identity online.

Malware is another risk you can run into when you’re faced with a scam link. Websites have different interactive elements that, once clicked, can download a file on your device. It’s an easy way for cybercriminals to infect your computer with malware like a Trojan virus, steal your data, install a keylogger, or cryptojack your device.

Overall, scam sites can wreak havoc on the security of your personal data. Learning to spot scam links and avoiding them altogether is a surefire way to keep your identity secure both online and in the real world.

How a scam link works

While the emergence of AI has made it more difficult to tell scam sites apart from legitimate ones, there are some telltale signs that they’re built with nefarious intentions.

The scam domain is often very similar to the actual page. It might use extra dashes and a subdomain to confuse the user. If the scam link leads to a mobile app, it might copy the logo and name of the service as well, replacing a few characters or making it appear more generic to avoid getting flagged by app store algorithms.

Not all scam links are overtly similar to their “inspirations.” Often, scammers use shortening services to create a custom coy link that does not immediately reveal the domain or allow the user to guess where it might lead. Such links can spoof parcel tracking sites, discount codes, and similar, more personalized offers and services.

Just clicking on a scam website does not mean that your device has been immediately hacked or that your data has been stolen. Such websites usually require you to perform actions yourself, like entering your login credentials, downloading a file, or connecting to a cloud account, before they can do any real damage. This means you have time to investigate the website to determine whether it’s legitimate or not.

How to tell if a link is safe

If you’re suspicious about a URL, there are a few ways to check whether it’s safe to open. It’s pretty easy to analyze the link yourself without opening it.

• Check browser history

  If it’s a site you’ve visited before, you can copy and paste the URL into your browser’s search bar or history to see if it finds any previously visited matches.

• Hover over the link

  If the link is embedded in a text like “Click here” or “Log in,” you can hover over it with your mouse to preview the URL, or right-click and copy it. Then, paste it safely into an empty document to get a better look at the domain.

• Compare with a legitimate link

  Likewise, you can take both the suspicious URL and the legitimate one, paste them into the same file, and compare the characters. Hackers are likely to use tricks like replacing the letter O with a zero or using a lowercase L instead of an uppercase i to trick the user. If the link is a match, proceed as usual. If not, you can run it through a deeper check.

• Use a link-checking tool

  You can use a dedicated website that scans a URL and sees if it’s safe. For instance, NordVPN’s Link Checker scans the URL for any malware or phishing threats and warns you if the link is unsafe, protecting you from a potential cyber incident. You can also attempt to find the site’s domain information to see if the registration is recent or matches the legitimate service’s data.

• Look for the HTTPS protocol

  Although it’s not recommended to open suspicious links, if you’ve done so, look at the protocol part of the URL. If you don’t see HTTPS at the beginning of the link, the site is not using a secure protocol, and your data is not being encrypted. You should close such a website immediately.

How to check if a link is safe on an Android or iOS device?

Checking whether a link is safe is a lot easier on a desktop—you can see the link preview on the browser, quickly check the security protocol, and even close the tab with a simple keyboard shortcut instead of a mouse click. With smartphones, matters are a little more fickle.

Links sent to a phone can be harder to copy, depending on app restrictions. The touchscreen also makes it harder to close or leave a suspicious link without accidentally pressing an interactive part of the screen. If the website contains pop-ups, closing them can also be a tough battle to win. Here’s how to check whether a link is legit to stay safe while browsing your phone.

For iOS phones, Safari offers a tool that alerts you if you attempt to visit a scam page. To use it, go to your phone settings, find “Safari,” and switch on “Fraudulent Website Warning.”

If you’re using an Android device, you can activate secure browser settings:

1. Go to your device settings and find the “Security and privacy” category.

2. Select “More security settings.”

3. Select “Android Safe Browsing” and toggle on “Use live threat detection.”

I think I clicked a scam link. What should I do?

Here’s some good news—simply clicking on the link doesn’t necessarily mean damage has been caused. Scam URLs are usually just one step of the process. Nevertheless, if you think you’ve opened a phishy site, act with caution.

If you opened the website

If you’ve opened a link and can clearly tell it’s a scam, close the tab immediately and delete it from your browser history to avoid accidentally reopening it. Alternatively, open the link using an incognito tab. This prevents the site from potentially accessing your personal data and keeps it from appearing in your history.

Make sure you don’t click anything on the site—even if you avoid the obvious interactive buttons, other design aspects and the empty background space might have been deliberately developed to be interactive. Do not enter any personal information, like login credentials, address, or payment information.

If the website prompted you to log in and you entered your credentials, make sure to change your password on the real site immediately. If the account did not have multi-factor authentication activated yet, consider switching it on. That way, even if the cybercriminals have taken your personal details, you will lower the chances of them overtaking your account.

If you downloaded a file

If the website caused you to download a file and you could not stop the download process, do not open it. Instead, delete the file from your device permanently. The file may contain malware that could infect your computer and gain access to your data. As a precaution, scan your device using antivirus software even after you’ve deleted the file.

Getting ahead of the fallout

Keep an eye on potentially breached accounts for the foreseeable future in case of suspicious activity or misuse. If you happen to use the same password for other accounts, update those login details as well. Make sure you use new and unique passwords for each account—you can easily do this with a password generator.

A good course of action is to contact the legitimate service provider to let them know about the scam. That way, criminal activities can be detected faster, and you can protect yourself and others from falling prey.

Staying secure online

Suspicious links are a sneaky online threat—they’re easy to overlook, but falling for them can have huge consequences for your personal data. So, make sure you stay alert, master the art of dodging insecure links, and get a few tools to help you keep your data secure even if a cybercriminal tries to target you, starting with a password manager.

NordPass is an intuitive password manager that ensures your login credentials are safe and only autofills them for you when it recognizes you’re on the right website. So, if you’ve got your bank password saved on NordPass and a scammer tries to get you to log in to a fake banking site, you won’t automatically log in by accident.

NordPass allows you to generate and store strong and unique passwords for your new and existing accounts, letting you quickly update any login credentials that might have been compromised. You can also use the Data Breach Scanner to check whether your password or credit card details have appeared on the dark web and take action to update your old credentials.

Sharpen your awareness of digital scams and keep your data safe with NordPass.