Phishing links

A single link can carry the whole scam. Phishing links disguise their true destination to steal your login or push malware. Here is how they hide where they really go, and how to check one without clicking blindly.

Explore FraudScope Download on App Store

On-device iPhone · iOS 18+ Available now

What it is

The link is the trap

A phishing link looks legitimate but leads somewhere else: a fake login page that captures your password, or a page that quietly downloads malware. The visible text and the real destination can be completely different.

Scammers use lookalike domains, URL shorteners, and redirects to hide the truth. On a phone, where the full address is hard to see, this is especially effective.

Red flags

How to read a link before you click

You can spot many phishing links without opening them.

The domain is misspelled or uses extra words, like "paypal-secure-login.com".
The real brand name is buried in a subdomain, like "apple.com.verify-id.net".
A shortened or redirecting link hides the final destination entirely.
The link arrived unexpectedly with urgent language urging you to click.
The address uses an unusual ending or random characters after the domain.

In their words

What it looks like

// THE MESSAGE

Your Apple ID has been locked for security. Confirm your identity within 12 hours to avoid permanent suspension: apple.id-verify-secure.com/login

FraudScope reads it as

Phishing link. FraudScope flags that "apple" is not the real domain (the true site is "id-verify-secure.com"), plus the urgency and lockout threat. With URL Deep Inspection it shows the real destination and how new the site is.

How FraudScope helps

See where a link really goes

Drop a link into FraudScope and it explains the lure around it. With URL Deep Inspection (a Pro feature), it follows the link to reveal the true destination, the domain’s age, and its security certificate, so a 2-day-old lookalike site has nowhere to hide.

This is the one feature that reaches the internet, and FraudScope tells you before it does. Analysis runs entirely on your iPhone and makes no network requests. The only time FraudScope touches the internet is if you tap Inspect URL to check where a link really goes, and it tells you before it does.

URL Deep Inspection (Pro)Intent reconstructionDiscloses network use

Questions

Frequently asked

How do I check a link without clicking it?

On iPhone you can press and hold a link to preview the full address, but lookalike domains and redirects can still fool you. FraudScope’s URL inspection follows the link safely and reports the true destination, the site’s age, and its certificate.

Is it dangerous just to tap a phishing link?

It can be. Some links lead to convincing fake login pages, and others attempt to download malware or fingerprint your device. The safest habit is to verify a link before tapping, especially if it arrived unexpectedly.

Does FraudScope send my messages anywhere?

No. Analysis runs entirely on your iPhone with no network connection. The only time it contacts the internet is if you choose to inspect a link’s destination, and it tells you before it does.

Will FraudScope catch every scam?

No tool can. FraudScope is strongest with the full content of a message and weaker with a bare screenshot that has no link or sender. It is a powerful second opinion, not a guarantee. When in doubt, slow down and check with someone you trust.

Read the scam before it reads you

FraudScope explains what a suspicious message is really trying to do, entirely on your iPhone. Now available on the App Store.