Suspicious link checker

Suspicious Link Checker

A dangerous link can look close to the real thing. The safest move is to inspect the pattern before opening or entering information.

Check a suspicious link Read FAQ

Quick answer

The domain tells the story

Suspicious links often use lookalike domains, shortened URLs, strange subdomains, misspellings, fake login paths, or pressure language around the link.

Free scam check

The sample below shows a lookalike login link. Replace it with the link and the message that asked you to open it.

Sample loaded

Link signals to inspect

Do not rely only on visual design. Scammers can copy logos and layouts, but URL patterns often reveal risk.

  • Misspelled brand names, extra hyphens, or confusing domain endings.
  • Shortened links that hide the final destination.
  • Subdomains that put a brand name before an unrelated real domain.
  • Login, verify, claim, refund, prize, or unlock paths tied to urgency.
  • HTTP pages, unusual ports, or downloads from unknown domains.

Safer verification

If the link claims to be from a bank, delivery company, marketplace, or government agency, bypass the link.

  • Type the official website yourself or use the official app.
  • Search for the company and compare the domain carefully.
  • Do not enter passwords, codes, cards, or seed phrases after opening a link.
  • Do not download browser extensions, mobile profiles, or remote access apps.
  • If in doubt, paste the message and link into ScamSpot first.

What ScamSpot can and cannot do

ScamSpot analyzes the text and URL pattern. It does not crawl or visit every link in a sandbox.

  • It can flag common phishing and fraud patterns.
  • It can explain why a link looks risky.
  • It cannot guarantee a site is malware-free.

Example: lookalike bank URL

Input

Security alert: verify your account at https://bank-login-secure.example.net/verify-now

What to notice

  • The domain is not clearly the bank's official domain.
  • The message uses security urgency and asks for verification.
  • Go to the bank website directly instead of clicking.

Suspicious link FAQ

Can a link be dangerous if it starts with https?

Yes. HTTPS only means the connection is encrypted. It does not prove the website is legitimate.

What is a lookalike domain?

A lookalike domain imitates a trusted brand with misspellings, extra words, different endings, or confusing subdomains.

Are shortened links always unsafe?

No, but they hide the destination, so they deserve extra caution when money, logins, or identity are involved.

Should I paste a URL into ScamSpot before opening it?

Yes, especially if the link arrived with urgency or asks for personal information.

What if I already entered my password?

Change the password from the official website, enable two-factor authentication, and check account activity.