Don’t believe everything you see—especially on the internet. Sophisticated scammers can make fake websites appear like the real thing and trick you into giving up money and sensitive personal information, which is why asking yourself “Is this website safe?” will serve you well as you browse the web.
‘Is this website safe?’ Why it pays to check
Fake websites and scam links can land in your lap in a variety of ways, such as phishing, spoofing and spyware. You may click a link in an email that directs you to a scam page disguised as something familiar or be redirected from a seemingly harmless social media post.
A criminal’s goal with a fake website is to steal your money, your personal or financial information, or both. Chris Parker, a security expert and founder of WhatIsMyIPAddress.com, says that commonly spoofed websites include banks and e-commerce companies.
In fact, a lot of unsafe sites are disguised as legitimate online shopping destinations. You enter your credit card number, but the product you ordered never shows up—and the site owner now has your stored login and payment information.
“During the holidays, when people are eager to save money, people often throw caution to the wind and click on links in emails promoting huge discounts on popular or hard-to-find Christmas gifts,” Parker said.
According to the FBI’s Internet Crime Complaint Center, more than 65,000 consumers lost nearly $184 million to these types of scams in 2018.
Parker noted that a side effect of spoofed websites is that “many individuals use the same username, email and passwords on multiple sites, so one compromised account leads to multiple compromised accounts.”
Another risk when you get caught on a fake website? Malware. Clicking spam links or navigating through a scam site can end with you downloading malicious software that infects your machine and sends your personal information back to criminals.
To avoid falling victim to phishing and other scams, never click links from unknown sources or spammy messages, and use a reverse email search to help try and see if that communication is coming from someone you know and trust. Then, learn how to identify an unsafe website.
7 ways to check if a website is safe
Thankfully, you don’t have to figure out whether a website is safe all on your own. Most web browsers have built-in tools that alert you to sketchy sites or even block access altogether—and there are a few signs you can look for as you surf the web.
- Use a URL checker. Norton and Google both offer free search tools that return a security rating and/or information about whether a website’s content is safe. All you have to do is plug in the website address.
- Use your browser’s security settings. Popular web browsers like Chrome, Firefox and Safari have built-in tools to keep you safe. Google Safe Browsing, for example, warns you if the site you’re trying to access has potentially malicious content. You can also customize pop-up settings, webcam access and more to create additional barriers between your data and bad actors.
- Scrutinize URLs carefully. Spoofed web addresses may look like the site you’re trying to access on first glance, but a closer look will reveal slight differences—google.com vs. goolge.com, for example, or Amazon.com vs. Amaz0n.com.
- Look before you click. Don’t blindly click links. Hover your mouse over a hyperlink to see the website address. You’ll usually see this pop up at the bottom of your browser window. If the URL is unrelated to the target site, overly complex, spammy or simply not what you expect, avoid it. A bad URL may redirect you to a page that looks real.
- Type URLs directly into your browser. If you know the address of the site you want to visit, type it into your browser bar yourself. This generally ensures you won’t land on a spoofed site.
- Look for HTTPS (vs. HTTP) or a padlock in the address bar. This isn’t a foolproof method for ensuring website safety, but it can help you sort out the obviously fake sites. The “S” simply means “secure”—and while it is possible for malicious actors to spoof, you definitely shouldn’t enter any personal data into a site with an insecure address.
- Search for the domain owner. Whois and ICANN’s domain lookup tool give you information about owns a website. Some of the data may be vague or hidden, but you can often see when a domain was created. If a supposedly credible website was born yesterday (literally), think twice about trusting it.
Safe web browsing requires a critical eye. Don’t trust everything you see, and know that many scammers are sophisticated enough to fool even those who are vigilant. In addition to the above steps to checking (and avoiding) unsafe websites, there are a few things to look for once you land on a page:
- Trust signals: Security or finance seals, such as icons from major credit card companies, may indicate the e-commerce site is safe to use. However, these are pretty easy to fake, so don’t rely solely on them.
- Privacy policies: Many countries require by law that websites have privacy policies, so this is a pretty good indication that a company is legit.
- Contact information: Is it possible to get in touch with the company? If not, it may be a fake.
- Spammy information, poor design and misspellings: While some fake sites look very real, others are poorly put together. This doesn’t guarantee a scam, but it should give you pause.
Finally, if you’re still unsure, google the company name rather than relying on a link you’re sent through an email or third-party site. And don’t be afraid to call the organization to verify that what you’re seeing is real.