Back to Blog
Guides

How to Check if a Link Is Safe Before You Click

URLScans Team
6 min read

Almost every attack starts the same way: a single link in an email, a text, a chat message, or a QR code, with a nudge to tap it right now. The safe move is to check if the link is safe before you click — without opening it. This guide shows you how to copy a link the right way, scan it with a free link checker, and recognize the signs of a dangerous link in that split second before you tap.

Check if a link is safe now

Paste any link and get an instant Safe / Suspicious / Malicious verdict. Free, unlimited, no signup.

How to check if a link is safe (free)

Checking a link takes a few seconds and no account:

  1. Copy the link without tapping it. On mobile, long-press the link and choose “Copy”. On desktop, right-click and choose “Copy link”. Do not click through to “just see” where it goes.
  2. Open the link scanner (or paste it on the URLScans homepage).
  3. Paste the link and press Scan.
  4. Read the verdict. You’ll get a clear Safe, Suspicious, or Malicious result, the score, and the exact reasons behind it.

That’s the whole process — a free link check that runs against real threat intelligence instead of you gambling on a tap.

How to check a link without clicking it

This is the core lesson, so it’s worth stating plainly: never tap a link just to see where it leads. By the time the page loads, the risky part has already happened. Instead:

  • Copy, then scan. Copying a link is harmless; visiting it isn’t. Paste it into the link scanner and let it check the destination for you.
  • On mobile, long-press to preview the real URL. Long-pressing a link (instead of tapping) shows you the actual address it points to — which is often very different from the friendly text on screen.
  • Expand shortened links first. A short link hides its true destination, so expand it with the short URL expander before you decide whether it’s safe.

Because you only ever paste the URL, the page never loads in your browser — you find out whether a link is safe before you’re exposed to it.

Where dangerous links hide

The link that catches people out rarely looks dangerous. It arrives in the everyday places you already trust:

  • Phishing emails — a message that looks like it’s from your bank, employer, or a service you use, with a button begging you to “verify” or “update” something.
  • “Delivery problem”, bank, and package texts (SMS) — a short link claiming a parcel is stuck, a payment failed, or your account is locked.
  • QR codes on flyers and parking meters — a sticker or printout can point a QR code anywhere, and you can’t read the URL with your eyes.
  • DMs and group chats — links forwarded by a friend whose account may have been compromised, or dropped into a busy group thread.
  • Ads — sponsored results and banners that mimic a real brand’s login or download page.

Wherever a link comes from, the rule is the same: check if it’s safe before you tap.

Signs a link is not safe

Even before you scan, a few red flags should stop you. A link is more likely to be dangerous when you see:

  • Look-alike or brand-in-subdomain domainspaypa1.com, or a real brand name buried in a subdomain like apple.account-verify.example.com where the true domain is example.com.
  • A shortener hiding the destination — if you can’t see where a link actually goes, reveal it first with the redirect checker.
  • Urgency or threats — “your account will be suspended”, “act within 24 hours”, “final notice”. Pressure is designed to make you click before you think.
  • A login or payment prompt you didn’t expect — a page asking for your password or card details straight after you tapped a link from a message.
  • An unexpected download — a link that immediately tries to download a file. Scan it with the malware URL scanner before you open anything.

See any of these? Don’t click — check the link instead.

Check links on your phone

Most risky links land on a phone — in a text, a chat app, or a QR code — where it’s easy to tap by reflex. The link scanner works exactly the same on mobile: long-press the link, choose Copy, open the link scanner in your browser, paste, and scan. Copy, paste, scan — then decide.

Frequently asked questions

How do I check if a link is safe?

Copy the link without tapping it, then paste it into a link checker and scan. At urlscans.com/link-scanner you paste the URL and get an instant Safe / Suspicious / Malicious verdict — you never have to open the page yourself to find out whether it's safe.

How do I know if a link is safe to click?

A link is safe to click when a scanner confirms the destination isn't flagged for phishing or malware and the domain is what it claims to be. Watch for look-alike domains, shorteners that hide the real target, urgency or threats, and unexpected login or download prompts — any of those is a reason to scan before you click.

Is there a free link checker?

Yes. URLScans is a free link checker with no signup and no daily limit — paste any link at urlscans.com/link-scanner for an instant verdict. A free API key (1,000 scans/month, no credit card) is also available at urlscans.com/register if you want to check links from your own scripts or tools.

How do I check a suspicious link in a text message or email?

Don't tap it. On mobile, long-press the link and choose Copy; on desktop, right-click and choose Copy link. Paste it into the link scanner at urlscans.com/link-scanner and read the verdict. Because you only paste the URL, you stay protected from the page even if it turns out to be malicious.

Can I check a link without opening it?

Yes — that's the whole point. You copy the link and paste it into the scanner instead of clicking it, so the page never loads in your browser. URLScans evaluates the destination against threat intelligence and structural signals and returns a verdict without you ever visiting the site.

Check a link before you tap

Paste any link and find out if it’s safe — free and unlimited, no account required.

Check a link now
    How to Check if a Link Is Safe Before You Click | URLScans