Shopping on a fake website could result in your personal or financial information being stolen or your device becoming infected with a virus or malware. Knowing how to spot red flags is crucial but simple once you know what to look for. We’ve got tips, tricks, and tools for checking a website’s legitimacy below.
How to Spot a Fake or Scam Website
Step #1: Pay attention to the address bar
The first thing you want to look for on a website is the https:// at the beginning of the address. The S in https:// stands for secure and indicates that the website uses encryption to transfer data, protecting it from hackers.
If a website uses http:// (no S), that doesn’t guarantee that a website is a scam, but it’s something to watch for. To be on the safe side, you should never enter personal information into a site beginning with http://.
Some internet browsers, like Google Chrome, lend a hand in warning you about unsecured websites. When a site is secure, you may see a small padlock next to the web address, or the address may be highlighted in green. You might also notice the domain name next to the padlock before the https://. That means the website has one of the highest levels of encryption and can be trusted.
Step #2: Check the domain name
A favorite trick of scammers is to create websites with addresses that mimic those of large brands or companies, like Yah00.com or Amaz0n.net. Scammers count on you skimming over the address and domain name, so it’s always worth double-checking the address bar if you’re redirected to a website from another page.
Step #3: Look up the domain age
Scammers know that more people will be shopping online during the holidays than usual, so they put together real-looking websites very quickly around those times. By checking the domain age, you can see how long the website has been in business, giving you a better sense of its veracity.
The Whois Lookup domain tracker gives you information about who a domain name is registered to, where they are, and how long the website has been active.
Step #4: Watch for poor grammar and spelling
An excess of spelling, punctuation, capitalization, and grammar mistakes could indicate that a website went up quickly. Companies with legitimate websites may certainly have the occasional typo but still put effort into presenting a professional website. If a website capitalizes every other word or has a lot of odd phrasing and punctuation, take a closer look.
Step #5: Look for reliable contact information
Look for several ways to contact the company (phone, email, live chat, physical address) and try them out. Does anyone ever answer the phone? Do you get a generic prerecorded voicemail or form email? If the only method of contact is an online email form, proceed with caution.
I once found a series of similar websites that all used the same “live” chat that generated generic responses instead of actually answering my questions. It was a huge tip-off that none of the sites were legit.
Step #6: Use only secure payment options
Shopping websites should offer standard payment options, such as credit cards or PayPal. If a website requires you to use a wire transfer, money order, or other unsecured (and nonrefundable) form of payment, we recommend staying away, even if the rest of the website looks legitimate.
Step #7: Walk away from deals that are too good to be true
Sometimes retailers heavily discount older merchandise to offload excess goods or make room for new products, but if you find a site that has the latest iPad model listed at an 80% discount, walk away. Chances are high that you‘ll never see the goods you purchase or the money you spent.
Step #8: Run a virus scan
An inundation of ads or pop-ups can indicate that a site isn’t secure. Ads themselves aren’t an indication of a problem, but if there are more ads than content or if you have to click through several ads to be redirected to the website, you have cause to be suspicious. There are several free resources that let you do a quick scan for viruses, phishing, malware, and known scam sites:
The best way to protect yourself against malicious websites is to install antivirus software on all your devices and to keep it up to date.
Step #9: Do your research beforehand
A quick online search of reviews of a website will tell you a lot. You can research the reputation of the seller through the Better Business Bureau and other official review sites. If there aren’t any customer reviews anywhere, that’s a concern. If you find large numbers of negative reviews, that’s a clear signal to walk away.
Step #10: Be proactive about protecting your information
- A password manager to keep your personal information safe from hackers
- Identity protection services to keep your identity safe in case of a breach
- Credit monitoring to lock down your finances
Don’t be fooled—be empowered
Online shopping can be a great and harmless experience as long as you watch out for these red flags and use some caution and common sense. Instead of feeling threatened by all the ways fake websites could fool you, realize that by knowing what to look for, you’re empowered to take control of your online experience.