How do I automatically check links in my email throughout the day?

The problem

You receive dozens of emails with links every day. Some are legitimate, but others are phishing attempts, links to compromised sites, or cleverly disguised brand impersonations. A single click on the wrong link can expose credentials, install malware, or compromise your accounts.

Manually hovering over and evaluating every link is impractical. You need automated, recurring link safety checking that runs in the background without writing code or managing infrastructure.

How Unphurl solves it

Set up a recurring task in Claude Cowork or OpenClaw that reads your recent emails, extracts every URL, and checks them through Unphurl. Your agent analyses each link for phishing signals, brand impersonation, suspicious domain age, and redirect behaviour. Known domains (Google, LinkedIn, your company) resolve free. Only unknown URLs use pipeline checks. When something looks dangerous, your agent alerts you in plain language. OpenClaw's heartbeat system can wake up every 30 minutes to check new emails automatically.

Signals that matter for this use case

• – Brand impersonation catches fake login pages mimicking Microsoft, Google, PayPal, and 150+ other brands
• – Domain age <3 days flags the peak phishing window, when domains are registered and weaponised within 72 hours
• – Domain age <7 days catches slightly older but still suspicious infrastructure
• – SSL invalid reveals expired or misconfigured certificates, a sign of abandoned or malicious sites
• – Excessive redirects uncover redirect obfuscation chains hiding the real destination
• – Chain incomplete means the link destination is unreachable, likely dead or blocked
• – Phishing floor ensures any brand impersonation automatically scores at least 80

Suggested scoring profile

{
  "name": "email-check",
  "weights": {
    "brand_impersonation": 40,
    "domain_age_3": 40,
    "domain_age_7": 30,
    "ssl_invalid": 15,
    "redirects_5": 25,
    "chain_incomplete": 15,
    "phishing_floor": 80
  }
}

What a result looks like

Claude checks the last 4 hours of your email. It finds 35 URLs across 20 messages.

Claude alerts you: "Flagged a link in the email from 'IT Support' about resetting your password. Score: 80/100. Impersonating microsoft.com, domain registered 2 days ago. 1 credit used, 44 remaining." You decide to delete the email and move on with your day.

Cost

Most email links point to well-known domains (Google, Microsoft, LinkedIn, Zoom) that resolve instantly and for free. A typical 4-hour check might find 1 to 5 unknown URLs that require pipeline checks. The Starter package ($9 for 100 pipeline checks) lasts months of daily email checking, even at multiple sessions per day.

Get started

Add the Unphurl MCP server to your Claude configuration. This gives Claude the ability to check URLs directly during your conversations and scheduled tasks.

{
  "mcpServers": {
    "unphurl": {
      "command": "npx",
      "args": ["-y", "@unphurl/mcp-server"],
      "env": { "UNPHURL_API_KEY": "uph_your_key_here" }
    }
  }
}

Once connected, ask Claude: "Check the links in my recent emails for anything suspicious." For recurring protection, set up a scheduled task: "Every 2 hours during work hours, check my new emails for suspicious links and alert me if anything scores above 30." Claude reads your email, finds the URLs, runs them through Unphurl, and only bothers you when something needs attention.

OpenClaw users: Build an Unphurl skill and use OpenClaw's heartbeat system to schedule email checks. OpenClaw reads your email natively and can run link checks on a recurring schedule without any additional setup.

Pair this with the Unphurl companion skill to give your AI proactive link-checking behaviour across all your conversations, not just scheduled email scans.