How to check a link before you click it
Here’s a small, unfair truth about online scams: the email is the easy part to fake. A logo, a tone of voice, a sense of urgency, even your name at the top — all trivial to copy. The one thing a scammer can’t fully hide is where their link actually takes you. So that’s where you look. And reading a web address turns out to be a ten-second skill that puts the odds back in your favour.
A web address isn’t magic — it’s an address
We’re used to treating a link as a single magic word: you click it, something happens. But a web address has a structure, and once you can see the structure, the important part jumps out.
Take a normal one:
https://www.yourbank.com/login
Ignore the https:// at the front and everything after the first single slash (/login) — that’s just the specific page. The part that actually decides whose site you’re on is the bit in the middle: yourbank.com. That’s the registered domain — the name someone had to buy and prove they control. Everything hinges on that.
The one move: read the domain right-to-left
Here’s the whole skill. Find the domain (the bit just before the first single /), and read it right-to-left to its last two parts. That’s the real owner. Everything to the left of that is a “subdomain,” and the owner can set it to say literally anything they like.
Which is exactly how the trick works:
https://www.yourbank.com.account-verify.ru/login
At a glance that looks like yourbank.com. But read it right-to-left: the last two parts before the slash are account-verify.ru. That’s the real site. The www.yourbank.com at the start is just a subdomain the scammer named to fool you — it belongs to account-verify.ru, not to your bank. Your bank is nowhere in it.
So the question you ask every time is simple: reading right to left, is the registered domain exactly the real company’s — and nothing tacked on after it?
Don’t trust the words — check where it really points
There’s a second trap: the text you can see is not the same thing as the link underneath it. A link can say www.yourbank.com and quietly point somewhere else entirely. So don’t read the words — check the destination:
- On a computer: hover your mouse over the link without clicking. The real address appears at the bottom of the window (or as a little tooltip). Read that, right-to-left.
- On a phone: press and hold the link (don’t tap). A preview pops up showing the true address. Read it, then let go.
If the visible words and the real destination disagree, that alone is your answer. Stop.
The handful of tricks worth knowing
Once you’re reading domains, the common cons all become visible:
- The look-alike.
paypaI.comwith a capital i instead of an l;rnicrosoft.comwherernpretends to be anm; a zero standing in for ano. Slow down on anything that matters and read letter by letter. - The tack-on.
apple.com.secure-update.net— real domainsecure-update.net, with “apple.com” bolted on the front to reassure you. - The shortener. A
bit.ly/…style link hides its destination entirely. Fine from someone you trust; treat with suspicion from someone you don’t — you can’t read what you can’t see.
The check, and the rule behind it
Next time a message asks you to log in, pay, or “confirm” something, do this before you click:
Hover (or long-press) the link, find the domain just before the first single slash, and read it right-to-left. Is the registered domain exactly the real company’s, with nothing added after it? If it isn’t — or you can’t tell — don’t click.
And the rule that makes the check unnecessary in the first place: for anything that matters, don’t use the link at all. If “your bank” emails you, don’t tap what they sent — open your browser and go to the bank the way you always do, or ring the number on the back of your card. A real company loses nothing when you reach it yourself. Only a fake one does.
That’s the quiet power of learning to read an address. The scammer can copy the logo, the wording, the urgency — everything except the truth of where their link goes. And that truth is always right there in the address, waiting for anyone who knows to read it right-to-left.