Hover over links before clicking them

Links can’t always be trusted to go where they say they do. To avoid falling into a trap, hover your mouse over a link you’re not sure of to see where it actually leads. If you’re on a mobile device, you can usually do a light tap and hold on a link to preview where it goes. Try to notice the “root” domain. It refers to what’s in between the “http(s)://” and the first “/”. Phishing sites often have lengthy and/or suspicious roots, such as “system.confirm” or “web-paypal.com.”