Verify a URL — Practical guide to analysing a suspicious link
Got a link by SMS, email or messenger that you don't recognise? Before clicking, here is how to manually check the URL, its redirects and its reputation against public databases (Google Safe Browsing, VirusTotal, URLVoid).
The 4-step method
1. Visual review
Check the root domain (paypal.com, not paypa1.com), spot typos and suspicious subdomains.
2. Resolve redirects
Use unshorten.it or checkshorturl.com to follow every redirect down to the final URL.
3. Public reputation
Submit the URL to Google Safe Browsing, VirusTotal, URLVoid, PhishTank, OpenPhish.
4. Conclude
If any red flag shows up, don't click and report to your country's anti-phishing portal.
Technical signals to inspect
SSL certificate & issuer
Click the browser's padlock: validity, certificate authority, type (DV/OV/EV). An EV-SSL inspires more trust.
Domain age
Check the WHOIS creation date via whois.com. Under 30 days on a banking site = maximum risk.
Hosting & IP
Hosting country, ASN, neighbourhood. An IP shared with phishing sites is a red flag.
Redirect chain
How many hops? To which domains? Multi-redirects often hide phishing.
Public reputation
Submit the URL to Google Safe Browsing, PhishTank, OpenPhish, URLVoid for a cross-checked verdict.
Typosquatting detection
Visually compare the URL against the official top-brand domains (paypal, amazon, banks) to spot lookalikes.
Verify a URL — FAQ
Hover the link without clicking to see the real URL at the bottom of the browser. Confirm the domain matches the expected brand (paypal.com, not paypa1.com or paypal-secure.fr). When in doubt, submit the URL to Google Safe Browsing or VirusTotal for an external scan.
See also: reverse phone lookup
Got a suspicious phone call or SMS containing this link? Clairmo specialises in reverse phone lookup.
Check a phone number