How to Check Links Before You Click (and Avoid Getting Tricked)

Agent Alias reporting. You get a message: “Your account has been blocked — click here.” Heart rate spikes. Palms sweat. Keyboard looks suddenly suspicious.
Breathe, rookie. This is exactly what scammers want: panic → click → oops.

Today’s op: learn a fast, safe way to check sketchy links without touching them.

Gadgets for the Mission

VirusTotal — Scans a URL against dozens of security engines and shares community notes.
urlscan.io — Opens the site in a sandbox and shows you what loads (screenshots, redirects, tech stack, domain age).

Good news: both tools do the dangerous peeking so you don’t have to.

Tips (Read First)

Do not click suspicious links. Ever.
Copy the link address (right-click → Copy link address). On mobile, long-press and copy.
Defang the link before sharing or saving it:
- http → hxxp
- . → [.]
  Example (declawed): hxxps://secure-paypal-login[.]info

Step-by-Step: Verify the Link

Hover & read the domain

Real brands live on their real domains: paypal.com, microsoft.com.
Fakes hide in look-alikes or subdomains:

Example: This a declawed URL that is a known phishing link and look convincing

xxps://secure-paypal-login[.]info

→ FAKE-y vibes (.info + brand name mashup)

Scan with VirusTotal

Paste the URL into the URL tab.
If any vendors flag it, treat it as malicious.

Even 1/98 isn’t a free pass—use your head and keep checking the details tab (domain age, whois, redirects).

VirusTotal scans with 98 antivirus vendors and gives it a score. This is enough information to keep you informed

Decide & act

Any red flags? Do not visit. Delete the message, report it, warn your team.
Already clicked? Change your password immediately and enable 2FA.

Real-World Examples:

Paypal Email:

this PayPal email looks very convincing but we can see some wrong spelling and grammar, whitespace, which gives us some clues.

We can see this convincing email, but we see one minor detail {fname}, which looks suspicious in itself.

Whenever you have any doubts about your account, you should go directly to the correct website or contact customer service to confirm.

Mini Mission

Pick 3 recent links from your inbox (promos, “security alerts,” or “delivery issues”).
Defang them.
Run them through VirusTotal and urlscan.io.
Note any red flags (new domain, login form, mismatched brand). Share a quick warning with others to keep them informed.

Final thoughts

Phishers want you to be rushed and reactive. You’re going to be calm and methodical:

Pause.
Hover.
Scan.
Decide.

Mission debrief complete. Stay alert, rookies — and remember, you control the click.

— Agent Alias

Digital Hygiene: best practices to keep you safe

Agent Alias reporting. Digital hygiene is just like brushing your teeth or taking a shower. Skip it, and things get smelly real fast. Online, that “smell” is hackers, scammers, and nosy strangers sniffing around your accounts. But here’s the good news: good digital hygiene doesn’t require advanced spy

How to Spot a Fake Profile (Without Being Fooled)

Agent Alias reporting. You get a new friend request. The photo? Crisp, professional. The bio? “Entrepreneur. Crypto Enthusiast. World Traveler.” Seems legit, right? Wrong. Fake profiles are one of the oldest tricks in the book, but they still reel people in every single day. Why? Because they tug at trust,

Reverse Image Search: How to Spot Fakes in Seconds

What is Reverse Image Searching This is a technique where you use an image rather than text to find information. Instead of asking "Who is this?" into Google, we can copy an image and paste it into our favorite search engine and see what happens. Why this matters

Why Intelligence Belongs to Everyone (and How You Can Start Today)

In today's society, we are hit with so much information every day, like fake news, AI-generated content, phishing emails, and they look so real, it's very hard to tell the difference. This situation can be very frustrating and invasive, and it leaves people feeling defeated! Most