Download Article
Quick steps to know if a website is safe or a scam
Download Article
Are you concerned that a website or link you're visiting might be a scam site? There are many ways to check if a website is safe and legitimate using context clues and online tools, including the Better Business Bureau website. This wikiHow article will help you verify the safety and authenticity of any website, with expert advice from digital marketing expert Anar Kazimov and digital forensics expert Sgt. Scott Nelson.
Checking Website Legitimacy
There are many ways to check if a site is legitimate. You can use a website legitimacy checker in any browser. In Safari or Edge, look for a padlock next to the URL. In Chrome, click the icon to the left of the URL and look for "Connection is secure." Also, check the URL itself for an "https", ".edu", or ".gov".
Steps
-
Go to https://www.urlvoid.com in a web browser. URLVoid is a free website reputation checker that makes it easy to find out if a site is legitimate. The tool will also tell you where the website is located and how long ago the domain was registered.
- Some other website reputation checkers to try:
-
Enter the URL and click Scan Website . URLVoid will scan dozens of blocklists for the domain and let you know if it appears on any of them.Advertisement
-
Evaluate the results. Scroll down to the "Scanning Engines" section to see if the website appears on any reputable blacklists. If it does, don't trust the website.
- Keep in mind that just because a domain checks out on URLVoid, it's possible it just hasn't been reported yet.
-
Go to WOT Website Security Checker's Chrome web store page. Web of Trust's Chrome extension, "WOT Website Security Checker & Safety Checker," is a free tool that alerts you when you visit potentially unsafe websites. To get started, go to the WOT extension's page on the Chrome Store website . [1] X Research source
- You can also install WOT on any other Chromium-based web browser, including Microsoft Edge.
-
Click Add to Chrome . A confirmation message will appear.
-
Click Add extension to confirm. The extension is now installed.
- You may need to click Agree to continue.
-
Add the WOT extension to your toolbar. To do this, click the puzzle piece icon at the upper-right corner of Chrome, then click the pushpin icon next to "WOT: Website Security & Safety Checker." You'll then see a green circle at the upper-right corner of Chrome.
-
Click the green circle when viewing any website. If you're curious about a website's legitimacy, clicking the green circle will display a general assessment of the website's trustworthiness, including ratings from other WOT users and information about any trackers appearing on the page.
Advertisement
-
Type the website's name into a search engine and review the results. If the site in question is a hazard (or simply an overwhelmingly illegitimate site), a cursory Google check may be enough to inform you accordingly. [2] X Research source
- According to Kazimov, Google ranks websites based on how useful their content is. Instead of just looking for certain keywords, they now evaluate websites holistically to ensure the content that's most useful to people appears at the top of the search engine results page.
-
Check the site's security status in your browser's address bar. A web address that begins with "https" is more secure than one that begins with "http"—the "s" stands for "secure" and indicates that your communications with that website are encrypted. [3] X Research source
- If you're using Microsoft Edge, Safari, and some other web browsers, you'll see a padlock icon to the left of the URL in the address bar. In Google Chrome, click the icon of two sliders to the left of the URL and look for "Connection is secure." [4] X Research source
- You can click on the padlock icon or the sliders to verify the details of the website (e.g., the type of encryption used).
- A site that uses an "https" connection can still be unreliable, so it's best to verify the website using other means as well.
- Make sure the site's payment page, in particular, is an "https" page.
-
Evaluate the website's URL. A website's URL consists of the protocol type ("https" or "http"), the domain itself (e.g., "wikihow"), and the top-level domain, which is the extension that comes after the dot (".com", ".net", etc.). Even if you've verified that the connection is secure, be on the lookout for the following red flags: [5] X Research source
- Domains ending in .tk, .pw, .cc, ws, .xyz, .cm, .sbs, .zw, and .icu, as these are more commonly associated with phishing scams, malware, and other illegitimate websites. [6] X Research source
- Misspellings in any part of the domain name.
- Hyphens/dashes in a domain name, like amazon-4u.com, goog-le.cm, and fed-ex-tracking.com, usually indicate an illegitimate website.
- Domain names that imitate actual businesses (e.g., "Amaz0n" or "NikeOutlet").
- Uncommon domain extensions at the end of legitimate business names. For example, USPS.com is the United States Postal Service's official website, not usps.lost-packages.xyz.
- One-off sites that use a credible site's templates (e.g., "visihow").
- Too-good-to-be-true deals on shopping websites. Did you find a website that's offering a shockingly great deal on a rare collectible item you can't find anywhere else? Unfortunately, there are many fake online stores designed to steal your credit card information and money, and it can be tricky to tell the real from the fake. If a deal seems too good to be true, take that as a sign not to enter your personal information.
EXPERT TIPPolice Sergeant, Mountain View Police DepartmentScott Nelson is a Police Sergeant with the Mountain View Police Department in California. He is also a practicing attorney for Goyette & Associates, Inc. where he represents public employees with a myriad of labor issues throughout the state. He has over 15 years of experience in law enforcement and specializes in digital forensics. Scott has received extensive training through the National Computer Forensics Institute and holds forensic certifications from Cellbrite, Blackbag, Axiom Forensics, and others. He earned a Master of Business Administration from the California State University Stanislaus and a Juris Doctorate from the Laurence Drivon School of Law.Watch out for fake URLs in email. When you receive an email from a website, check the domain name carefully before clicking any links. Sometimes an email comes from what looks like Amazon.com, but is spelled A-M-A-S-O-N. If you put your mouse over the email header, you can see the sender's real domain name.
-
Look for poor grammar and a lack of professionalism. If you notice a large number of poorly spelled (or missing) words, generally bad grammar, or awkward phrasing, you should question the site's reliability.
- Even if the site in question is technically legitimate and isn't a scam, inaccuracies in language can also cast doubt on the accuracy of its information, thereby making it a poor source.
-
Watch out for invasive advertising. If a site has a stunningly large number of ads crowding the page, ads that automatically play audio, or pop-up ads that seem impossible to close, it's probably not a credible site. Additionally, consider looking elsewhere if you encounter any of the following types of ads:
- Ads that take up the whole page
- Ads that require you to take a survey (or complete some other action) before continuing
- Ads that redirect you to another page
- Explicit or suggestive ads [7] X Trustworthy Source PubMed Central Journal archive from the U.S. National Institutes of Health Go to source
-
Find the author of the website. Most sites provide a Contact or About Us page so that users can determine who owns the website and send questions, comments, and concerns to the owner. If the site provides news, health information, or something you want to cite in a paper , you should be able to tell who wrote the information you're reading. If author names are not listed, there's no Contact page, or the information on the Contact page doesn't match up with what you'd expect, question the site's legitimacy.
- Make sure you scroll all the way to the bottom of the site to search for the Contact page.
- If the site in question doesn't have a Contact page listed anywhere, it should be an immediate red flag.
-
Use a "Whois" search to find who owns a domain. If you're trying to figure out if a domain really belongs to a reputable company, you can perform a "whois" search to view the domain registration information, which displays contact information and other details for the domain's owner. To do this, go to https://lookup.icann.org and enter a domain name. [8] X Research source When checking whois data, be on the lookout for:
- Private registration: It's possible to register a domain privately, where a "private registration" provider serves as the domain's contact, instead of the actual owner. If a domain uses private registration, consider this a red flag.
- Suspicious contact information: For example, if the name of a registrant is "Steve Smith," but the email address is "ramsaybolton12345@hushmail.com", this might be a sign that the registrant is trying to hide their true identity.
- Recent registration or transfers: A recent domain registration or transfer may indicate that a site is untrustworthy.
EXPERT TIPPolice Sergeant, Mountain View Police DepartmentScott Nelson is a Police Sergeant with the Mountain View Police Department in California. He is also a practicing attorney for Goyette & Associates, Inc. where he represents public employees with a myriad of labor issues throughout the state. He has over 15 years of experience in law enforcement and specializes in digital forensics. Scott has received extensive training through the National Computer Forensics Institute and holds forensic certifications from Cellbrite, Blackbag, Axiom Forensics, and others. He earned a Master of Business Administration from the California State University Stanislaus and a Juris Doctorate from the Laurence Drivon School of Law.If you come across a website scam, report it. Contact your local local law enforcement agency for the most up to date information about whether the scam might be a federal or state crime. They can either take the report themselves or provide you with the right agency to contact.
Advertisement
-
Open the Google Transparency Report webpage . Google evaluates billions of websites each day for phishing, malware threats, and other unsafe sites. You can quickly run a website's address through this service to see its safety rating from Google. [9] X Research source
-
Type in the website's URL and click the magnifying glass. This includes the name of the website (e.g., "wikihow") and the extension (e.g., ".com").
- For best results, copy your website's URL and paste it into this field.
-
Review your results. If you see "No unsafe content found," the site should not be considered malicious—however, this doesn't mean it's reputable.
- The Google Transparency Report also provides examples of why it gave a certain site a rating so you can decide for yourself whether or not the rating rationale pertains to you.
Advertisement
-
Open the Better Business Bureau search page . First, it's important to understand that the Better Business Bureau is a private company, not a government agency. [10] X Trustworthy Source Better Business Bureau Nonprofit organization dedicated to promoting marketplace trustworthiness by educating consumers and reviewing businesses Go to source The BBB's goal is to promote transparency between businesses and consumers and offer a platform for consumers and companies to resolve disputes. [11] X Research source If the website you're worried about is a company, you can look them up on the BBB website to see if they've been rated or reviewed.
- You can also use the BBB's scam tracker to look up scam reports for websites.
-
Search for a website or business name. Enter the website's address or the name of the company you're investigating, then click the Search button to look up information.
-
Review your results. You can verify your website's credibility by comparing the Better Business Bureau's results with the website's claims.
- For example, if your website claims to sell shoes but the Better Business Bureau links the URL to an ad revenue service, you know that the site is a scam.
- However, if the Better Business Bureau results line up with the site's theme and there are more good reviews than bad ones, you can probably trust the site.
Advertisement
Community Q&A
Search
-
QuestionHow can I tell if a puppy retailer is legitimate?Community AnswerYou should adopt your puppy, not buy one. When you adopt a puppy from a shelter, it is usually already vaccinated and you're giving a lonely pet a home. Try looking up local shelters, and check their reviews.
-
QuestionIf a website doesn't update their pages regularly, does that mean it's fake?Community AnswerNot necessarily. Some small businesses use the web platform as a display window, setting things up and concentrating on the back-end. These tend to be businesses that either started as a traditional storefront, or saw the online market as an expansion from an existing venture. However, I would be wary of online-only businesses, or larger businesses that do not update their page regularly.
-
QuestionHow can I know if a product from an online shop is real?Community AnswerIf you find yourself questioning the validity of a product, it's best to look at the user reviews. You can expand your search to reviews of other products under the same company/brand. Let the reviews be your guide in deciding the legitimacy and quality of any product.
Ask a Question
200 characters left
Include your email address to get a message when this question is answered.
Submit
Advertisement
Video
Tips
- Certain top-level domains like .gov, .edu, .mil, and .int are restricted to government and educational institutions and, as a result, are legitimate. Most others, including ".com," ".net," and ".org," can be registered by anyone.Thanks
- User-driven sites (like eBay or Craigslist) are hard to classify as "safe" due to their dynamic natures. While you're unlikely to contract a computer virus from eBay, you still need to look out for instances of other users attempting to scam you.Thanks
Submit a Tip
All tip submissions are carefully reviewed before being published
Name
Please provide your name and last initial
Thanks for submitting a tip for review!
Advertisement
References
- ↑ https://www.mywot.com/browser-safe-browsing
- ↑ https://www.google.com/search/howsearchworks/
- ↑ https://www.cloudflare.com/learning/ssl/why-use-https/
- ↑ https://support.google.com/chrome/answer/95617?hl=en
- ↑ https://uscupstate.libguides.com/c.php?g=257977&p=1721715
- ↑ https://unit42.paloaltonetworks.com/top-level-domains-cybercrime/
- ↑ https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5495972/
- ↑ https://www.icann.org/resources/pages/faqs-f0-2012-02-25-en
- ↑ https://transparencyreport.google.com/safe-browsing/search
About This Article
Article Summary
X
To find out if a website is legitimate, Google the website’s name and review the results. If the site is illegitimate, a quick Google check will be enough to inform you accordingly. Also, look at the website itself to see if it connects securely over https and displays a tiny padlock icon in the address bar. If you want a more official confirmation of the site's legitimacy, use Google's Transparency Report or search for the site's name on the Better Business Bureau's website. For tips on using Google's Transparency Report tool, read on!
Did this summary help you?
Thanks to all authors for creating a page that has been read 2,343,890 times.
Reader Success Stories
- "Pretty much everything in the list I didn't know. Very interesting. I'm about to try and get an Emotional Stress Therapy dog certificate, but it seems there are lots of these sites and very expensive to get certificates. I've asked around but no one knows more." ..." more
Advertisement
"Pretty much everything in the list I didn't know. Very interesting. I'm about to try and get an Emotional Stress Therapy dog certificate, but it seems there are lots of these sites and very expensive to get certificates. I've asked around but no one knows more."
..."
more
"I'm considering making a purchase from a company that I have never heard of. This gives me several methods to ascertain that it is safe. I will definitely bookmark this article to use when I have concerns about unfamiliar websites. Thanks a lot."
..."
more
"It was super helpful! I received an email from a potential job but didn't see reviews at all, so I was skeptical. After reading this article, I feel more secure following up on the job offer."
..."
more
"It is always good to check if a website is secured or not. If the connection is not secure, don't enter any information. It best to leave the website if it isn't secured."
..."
more
"It helped me very much like all of your articles but on method 2, step 1, could you add a ulr copy for the google transparency site. Thank you."
..."
more
