Verify links by hovering before clicking

Before clicking any link in an email or text message, hover your mouse over it (or long-press on mobile) to see the actual URL. Phishing links often look legitimate in the text but lead to a completely different website. Check that the domain matches the real company.

Why It Works

Phishers disguise malicious URLs behind legitimate-looking text. A link that says "www.paypal.com" might actually point to "paypal-security.fake-domain.com." Hovering reveals the true destination before you click.

Tips

• The real domain is what comes immediately before the first slash: in "secure.bank.com/login" the domain is bank.com; in "bank.com.evil.net/login" the domain is evil.net
• If a link uses a URL shortener (bit.ly, tinyurl), be extra cautious — legitimate companies rarely use them in official emails
• When in doubt, navigate directly to the website instead of clicking any link