Maybe there are ways we can successfully avoid phishing emails and links 100%, if there are, I do not know any, but we can verify if the link sent to us is genuine or not.
We all know that THE SITE MUST USE HTTPS.
It is an SSL certificate that simply encrypts your connection more securely from malicious attempts by third parties. Phishing sites are malicious efforts carried out by a second party, its the site owner. In fact, fake and phishing sites can also activate SSL certificates, this method does not protect you from phishing at all.
SSL certificates are offered free of charge with hosting. It is even enough via Cloudflare, it is activated in two clicks. I'm sure that every scammer already knows that much and can activate the HTTPS protocol on the domain without any problems. Well, we can consider this as an absolutely unreliable method of identifying phishing and scam sites.
You have to manually type the url,
Manual URL entry, what can go wrong here?
This is probably the most common way confusion occurs. The user manually misses one or enters a wrong (but very similar) character, and of course a phishing site is waiting for him behind it.