I recently received an email, asking me to visit a vendor's site, but it had a hyphen in the URL. I don't remember a hyphen. I deleted the email. Did I do the right thing?
You did the right thing - when in doubt, never select an embedded link from an email or text.
It is hard to know, but the email you received may have been a social engineering scam called "typosquatting". In a typical typosquatting scam, criminals mimic the design of a popular website and register a URL nearly identical to the site mimicked.
The difference between the real URL and the imposter is often very subtle like an added letter, often an "s"; an added word like "the" ; an added punctuation like an apostrophe; or an added symbol like a hyphen. These changes often escape spell checkers and browser security. They can entrap those that make a typo when entering a URL or simply believe the imposter URL is correct.
Typosquatting has been around for a while, but it is making a comeback. According to one investigation, "200 fake domains impersonating 27 popular brands to trick users into downloading Android and Windows malware" were recently discovered. https://www.tomsguide.com/news/these-misspelled-websites-are-spreading-nasty-malware-how-to-stay-safe
To prevent being ensnared by typosquatting, you should avoid links in emails and texts. Instead, go to a trusted search engine and search independently of an email or text. Additionally, make sure you are typing in the correct URL when you are visiting a site. If the site is flagged as unsafe or looks off, even by a little bit, then do not enter any information.
The final takeaway is that typosquatting is a simple, but effective method of deception, especially when embedded in an email from a source believed to be trustworthy.