Tips and tools to check links in emails without clicking

check links in emails

Despite knowing all the perils of spam, phishing and malware-laden emails you will still get one that looks fairly good but you are rightfully suspicious and cautious of the content. What can you do to check for yourself?

Is it hidden?

Most of the suspicious links will have been hidden in the hope that you won’t see it’s true destination, and just the nice message asking you to ‘Click here to open’ or ‘Here’s your shared file’ etc.

Hover over it, just like this!

The simple answer to this is to hover over any obscured link. The pop-up window will show you exactly where it’s looking you to go. If it is an exact destination you know, then you can trust it a little more, but not 100%. Eg. https:// is a completely different destination to https:// and shouldn’t be trusted.


Is it unsolicited?

Were you expecting this email?
Is it from someone that you may possibly know, but would have no reason to contact you out of the blue?
Is it from a person or company you have never contacted or heard about before?
No?…then it IS unsolicited! Approach with caution and check all other points in this guide!


Is it a shortened link?

Used mainly for the Twitter generation (when it’s limit was 140 characters ) shortened links took a link of any length and cropped it to a minimum of characters, but in doing so it became obfuscated, you couldn’t tell where it really went!,,, tinyurl, are all legitimate services, but are easily abused and can send you to any destination, good or bad!

Short links are not always better links!

Expand the shortened link using an online service such as: and this will show you the true link destination.


Does it have lots of strange characters in it?

Hackers and malware distributors will often try to hide the address within a link by using URL encoding to replace the characters with special characters and strings of characters. Unless you use a decoding tool to replace these back in, it is highly likely that it is malicious and should not be clicked. Eg. the letter “A” when encoded would be translated into “%41”. To do this yourself, here is a useful decoding site:

Looks confusing, but it's supposed to!


Ultimately you should never click on a link unless you are 100% certain that it is legitimate and safe to do so. But to be protected in the  event that you are somehow fooled into clicking, follow these simple steps.

1. Hover and check (Hold the mouse curser over the link to see the actual address)

2. Were you expecting the email?

3. Expand shortened links (

4. Check all links for known nastiness:

5. Ask an experienced person for a second opinion

6. Trust your anti-malware software. (Make sure realtime scanning is enabled, enable email integration if offered, make sure it’s kept updated and maybe have 2!)

7. If in doubt, don't click!

Share your COVID-19 support service

Organisations providing support to people and communities during the COVID-19 emergency can share their service information here

> Share your support

Not a NICVA member yet?

Save time, money and energy. Join NICVA and you’ll be connecting in to a strong network of local organisations focused on voluntary and community activity.

Join Us

NICVA now welcomes all small groups for free.

Read more on...