It’s important to be careful when you receive emails with links, especially if you don’t know the sender or the email seems suspicious. Here are steps that can help you find out if a link in an email is fake:  1. Check the sender’s address – look closely at the email address: Scammers often use email addresses that resemble official addresses but contain small variations (e.g. service@paypal.com vs. service@paypa1.com). – Check the domain: Make sure the domain after the @ is correct. Official emails come from official domains. – Unknown senders: Be sceptical of emails from senders you do not expect or do not know. 2. check the link before clicking – mouseover technique: Move the mouse pointer (without clicking) over the link. Most e-mail programmes and browsers will then display the actual URL, often at the bottom left. – Analyse URL: Check whether the URL displayed matches the expected website. Look out for spelling mistakes or unusual domain endings (e.g. .com, .net, .org vs. .xyz, .info). – Shortened links: Be wary of shortened URLs (e.g. bit.ly, tinyurl). Use services such as CheckShortURL (https://checkshorturl.com/) to display the full URL. 3. understand subdomains and domains – Fake subdomains: Fraudsters often use subdomains to appear legitimate (e.g. paypal.secure-login.com is not the same as secure-login.paypal.com). – Check the top-level domain: Pay attention to the domain directly before the extension (e.g. .com). For secure.paypal.com, paypal.com is the domain, while for paypal.com.scamdomain.com, the domain is scamdomain.com. 4. critically assess the content of the e-mail – urgency and threats: Emails that demand immediate action or threaten consequences (e.g. account will be blocked) are often suspicious. – Offers and prizes: Unsolicited notifications about prizes or offers that sound too good to be true are usually scams. – Grammar and spelling: Many phishing emails contain errors or unusual wording. 5. do not disclose any personal data – forms in emails: reputable companies will rarely ask you to provide personal information directly in an email. – Passwords and PINs: Never disclose passwords, PINs or other sensitive data via email. 6. use security software – antivirus programmes: Use up-to-date security software that can detect and block phishing emails. – Browser extensions: Install anti-phishing extensions that protect you while browsing. 7. check links safely – use online tools: Use services such as VirusTotal (https://www.virustotal.com/) or URLVoid (https://www.urlvoid.com/) to check URLs for security. – Do not click directly: Copy the URL (without clicking on it) and paste it into the check tool. 8. Contact the sender directly – Visit the official website: Manually type the known web address into your browser instead of clicking on the link. – Telephone contact: If in doubt, call the company on the official phone number. 9. Analyse email headers – Advanced analysis: In the email headers, you can find information about the actual sender and the route of the email. However, this requires technical knowledge. – Instructions: Many e-mail programmes allow you to view the header information via the settings or options. 10 General precautions – Updated software: Keep your operating system and applications up to date. – Two-factor authentication: Where possible, enable two-factor authentication for added security. – Change passwords regularly: Use strong, unique passwords for different services.  Additional tips – Stay suspicious: If you receive an email unexpectedly or it seems unusual, be cautious. – Inform friends and family: Share suspicious emails with those around you to warn others as well. – Report phishing emails: Forward suspicious emails to your company’s IT department or to the relevant departments.  Example of a suspicious email: – Sender: service@paypa1.com (note the “1” instead of “l”) – Subject: “Urgent action required: your account has been compromised” – Content: Request to click on a link and log in – Link: Shows https://www.paypal.com, but leads to http://malicious-site.com/paypal-login What to do? – Do not click: Do not open the link. – Delete the email: Remove the email from your inbox. – Change passwords: If you are unsure, change your password via the official website.