Pay attention to the address bar
The first thing you want to look for on a website is the https:// at the beginning of the address. The S in https:// stands for secure and indicates that the website uses encryption to transfer data, protecting it from hackers.
If a website uses http:// (no S), that doesn’t guarantee that a website is a scam, but it’s something to watch for. To be on the safe side, you should never enter personal information into a site beginning with http://.
Some internet browsers, like Google Chrome, lend a hand in warning you about unsecured websites. When a site is secure, you may see a small padlock next to the web address, or the address may be highlighted in green. You might also notice the domain name next to the padlock before the https://. That means the website has one of the highest levels of encryption and can be trusted.
Example of a Secure URL: HTTPS
Some browsers highlight unsecured web addresses in red or simply say “Not secure.”
Not Secure URL Example
If you’re unsure, you can click on the padlock or “Not secure” notice to see more details about the website’s security. You can also check up on a site through Google’s safe site search. The presence of the https:// doesn’t guarantee security, but it’s a good starting point.
Don’t be fooled by fake logos.
Check sites for logos that indicate which security certifications a website has, like DigiCert, Verisign, or Symantec, for example. A scam site may copy and paste pictures of these logos on their sites. To check whether a certification is valid, click on the logo to see if it opens a new tab with details about the website’s security. If the logo is just a picture and not a button, it’s likely fake.
Check the domain or website name
A favorite trick of scammers is to create websites with addresses that mimic those of large brands or companies, like Yah00.com or Amaz0n.net. Scammers count on you skimming over the address and domain name, so it’s always worth double-checking the address bar if you’re redirected to a website from another page.
Watch for poor grammar and spelling
An excess of spelling, punctuation, capitalization, and grammar mistakes could indicate that a website went up quickly. Companies with legitimate websites may certainly have the occasional typo but still put effort into presenting a professional website. If a website capitalizes every other word or has a lot of odd phrasing and punctuation, take a closer look.
Look for reliable contact information
Look for several ways to contact the company (phone, email, live chat, physical address) and try them out. Does anyone ever answer the phone? Do you get a generic prerecorded voicemail or form email? If the only method of contact is an online email form, proceed with caution.
I once found a series of similar websites that all used the same “live” chat that generated generic responses instead of actually answering my questions. It was a huge tip-off that none of the sites were legit.
Look at what else is on the site.
Use only secure payment options
Shopping websites should offer standard payment options, such as credit cards or PayPal. If a website requires you to use a wire transfer, money order, or other unsecured (and nonrefundable) form of payment, we recommend staying away, even if the rest of the website looks legitimate.
Walk away from deals that are too good to be true
Sometimes retailers heavily discount older merchandise to offload excess goods or make room for new products, but if you find a site that has the latest iPad model listed at an 80% discount, walk away. Chances are high that you‘ll never see the goods you purchase or the money you spent.
Search Online Threat Alerts
Use Online Threat Alerts' search engine to search for a website or domain name to determine if it is a scam or not. Click here to search.