Generally when you get a phising mail, the biggest challenge is finding if the site is genuine or not. And URL shortening services do not make it any easy. Earlier I had posted about using curl to expand the url in this post. However you might not be on a Linux terminal all the time (for example - you are checking something on your mobile), in that case what do you do?
There are some online proxy sites that you can use, for example :
and others, you will probably find a lot when you do a google search.
So, what do I do, just add a ‘+’ at the end of the url. For example if the url is hxxps[://]bitly[.]com/2JC0JHY, then you can type in the following in the URL bar hxxps[://]bitly[.]com/2JC0JHY+
Another good thing about doing this is that if the domain is flagged by someone to the URL shortening service (bit.ly in this case) then hopefully they will display a warning as well.