How to tell if a website is fake or legit

The internet is a wonderful place for online shopping, connecting with family, and even reading news. It’s also become the main tool for work, school, and other important life transactions like banking. 

As good as the internet may be, cybercriminals lurk between websites. They constantly look for ways to scam and steal from users, so you might be worried that you might be next—and for all the right reasons.

Scammers use countless hacking techniques, including setting up fake websites. It’s so easy to fall into their tricks, especially when they copy authentic websites you regularly visit. A simple click can lead you to give up your personal information—and just like that, you can be a victim of fraud!

It’s important not to get complacent when enjoying the internet, and as people who receive spam emails, suspicious pop-up ads, links, and other seemingly legit content, we’ve looked into the signs that you should avoid a website at all costs.

In the end, you’ll know the one best trick we shared to make it easy for you to check a fake website, so you don’t have to go through every single method every time.

Keep reading without skipping! You wouldn’t want to miss out on a handy tool that you can use and spend a lot of time going through a long list of things to check.

Spotting fake or scam websites

Fake or scam websites can be notoriously difficult to spot, but they’re not bulletproof. This is what Glen Bhimani, the CEO and founder of BPS Security, one of the fastest-growing security firms in the US, believes.

“Fake websites almost always have telltale signs. A major sign is if the URL or domain name is just barely off from what you’d expect. For example, if you’re looking for Microsoft’s website and you come across a website with the domain name of Microsofter— it’s just enough to be odd but not enough to catch the eye of most people who are surfing the web.”

Some examples of fake website domains could look like:


Bhimani further shares that “Often it is in the little aspects of a website you’ll be able to determine if it is a scam website. Additionally, if the spelling or grammar is odd or poorly constructed, that is an immediate red flag.”

But what else should you look for? For BPS Security’s CEO, social media and review sites are key.

“Another great way to verify a website is to look elsewhere on the internet for them. If they don’t have social media presence or accounts for review sites like Google or Yelp, it’s far less likely that you’re doing business with a verified company.”

He further stresses that we must never give up sensitive information, such as social security numbers, over the internet. Information is always easy to compromise. 

You can check other aspects of the site, such as the contact details and other information. If you call it, does it answer? What is the CIN number of the business? Does the design look professional?

How can you avoid fake websites?

“How can I check the authenticity of a website,” you may be wondering? Here are some tips we’ve gathered from countless respected sources, along with methods you can take to proactively protect your information:

1. Check the domain age

We all enjoy online shopping, especially during the holidays. Unfortunately, scammers use the rush and gift-giving as an opportunity to trick shoppers. They come up with authentic-looking websites pretty quickly. Given the rush of it all, many end up being scam victims. 

Checking the domain age can help you avoid this tactic altogether, as you will see how long the website has been in business. If it’s fairly new, best to leave the site immediately.

The Whois Lookup domain tracker offers you the chance to check websites. You can find out where the domain name is registered and how long the website has been running. 

2. Don’t fall for suspicious deals

Prizes, free stuff, and coupons are too good to pass up sometimes. Retailers also put up heavy discounts on older items, a common tactic in the business world used to clear the shelves away for new products.

Those 80% discounts are enticing, but if the website lists down the latest iPhone model, you’re likely being guided to a scam. Walk away—they will never ship these products out to you. You’ll only lose money and personal information. 

3. Watch out for suspicious links in your emails

Although emails are generally considered safe due to encryption, many users still fall victim to scams. Hackers infiltrate emails through phishing attacks, which happen when you end up downloading attachments or clicking on links that seem legit.

So, it’s important not to click on any links from unknown senders, especially if the message looks suspicious. Links can easily look legitimate, but they’re often disguised and actually lead you to fake websites. 

If you receive a suspicious email, you can hover your mouse over the hyperlinked text. This will allow you to see the full URL, usually at the bottom left corner of your screen. If the link is full of random characters and quite a bit long, beware.

A legit and safe URL should always begin with “https://.” The “s” here stands for secure, meaning that the website uses encryption to relay data, making it relatively safe from cybercriminals.

Any website with only “http://” (without an S) may not be trustworthy, so it’s best to proceed with caution. You mustn’t readily trust these sites with your sensitive information.

4. Scan for viruses

Too many ads and pop-ups are usually indicators of an unsafe site. Although ads are generally safe elements of websites, too much of anything is never good. If there are more ads than web content, for example, you’re likely dealing with a scam website.

Other ads also force you to click on them to be redirected back to the website, and this can be a problem if you end up clicking on the wrong link. Often, these can also cause you to download malware or viruses accidentally. 

For free resources and quick virus scans, consider using any of the following:

Pro Tip: Visit a website checker to see if the site is legit

The steps above might seem like a lot of work. We think so too, and we can’t imagine how much longer it would take just to browse the web! Thankfully, there are tools like website checkers. 

A website checker comes handy when you want to verify a website that you suspect is fake. With this tool, you don’t need to do all the other checks. The checker will give you information on all potential vulnerabilities on the site.

In other words, you’ll see if the website has encryption and what level of verification it currently has. The lack of these two elements is a sign you can’t trust the site.

Some sites like ScamSearch have a list of scamming websites and will check if the website is a scammer site. This will save you time and effort checking every single sign or method every time you suspect that a site is fake.

Why should you worry about fake websites?

There is much to fear about scam websites, but when you think about it, they’re only products of human judgment and thinking—and not really bionic computer miracles. But this doesn’t mean we should stop worrying about them.

We have always heard warnings that tell us to watch what we do online, and it’s important now more than ever to tread carefully. The more accessible the internet gets, the more sophisticated hackers become.

Scam websites are some of the most common ways to trick people into giving away their information. The best thing you need to remember is that the most harmless-looking websites sometimes turn out to be fraud sites.

When cybercriminals access your sensitive information, they can use your data for nefarious purposes, such as identity theft. They might pretend to be you to drain your bank accounts, scam your contacts, and commit other crimes under your name.

That said, make sure to remember the tips we’ve given carefully. In doing so, you lessen the fear of surfing the internet—no one should give up on the digital world just because of hackers who can’t make honest living wages. 

You should protect your personal information at all costs, and this means not easily believing in information, not clicking on links, and consulting website checkers before your next move. 

How to report a scam website?

Sometimes, the hackers end up winning. You may have heard a friend or two talking about how they’ve lost money after clicking on email websites. They’re likely victims of phishing, and should this happen, it’s important to report it to relevant authorities immediately.

For Google users, you can turn to the Google Safe Browsing team. Follow these simple steps:

  • Step 1: Visit the SafeBrowsing Report page.
  • Step 2: Carefully type in the site’s suspicious URL.
  • Step 3: Complete the CAPTCHA. Don’t worry; this is completely safe.
  • Step 4: Describe what happened in your report. You can be as thorough as you wish. 
  • Step 5: Don’t forget to click “Submit Report.”

What to do if you’ve been scammed

No matter how careful we are, sometimes we end up falling into scams. If you live in the United States, turn to the Federal Trade Commission (FTC) to file a scam report. You can report the incident online, or by phone at 1-877-382-4357 (9:00 AM – 8:00 PM, ET). 

The FTC accepts various scam reports, including incidents such as:

  • Emails
  • Phone calls
  • Imposter scams
  • Fake checks
  • Computer support scams
  • Fake demands for money, including gift cards, wire transfers, checks

The FTC will also deal with other common scams listed here.

What other instances can you report to the FTC?

Golden tip

If you find yourself affected by international scams, you can report them through

What other types of cyberattacks should you be aware of?

Apart from scam offers, fake websites, identity theft, and phishing, there are other cyberattacks you need to be aware of. Here are some of the most prevalent ones:

1. Password breaches

Password breaches are exactly what they sound like. Hackers end up cracking your passwords, gaining full control over your online accounts. They use the following password cracking tools:

  • Aircrack
  • Cain
  • Abel
  • John the Ripper
  • Hashcat

Once they take over your online accounts, you can lose the rest of your information, like bank accounts. Sometimes, you may also never recover your accounts.

2. Man-in-the-middle (MITM) attacks

Man-in-the-middle attacks (MITM) are lesser-known, but they occur when a cybercriminal intercepts communication between two people. This usually happens as an attempt to steal log-in credentials, personal information, and other content they can use.

Thankfully, MITM attacks are less common as most email platforms and chat systems now come with end-to-end encryption. They can now prevent tampering, especially when data travels across the network. 


The internet has changed our world forever. With mere clicks on our screens, we can shop, book reservations, pay for bills, and speak to loved ones across the world. 

Unfortunately, hackers are always lurking behind our online tasks, ready to strike at any given moment through fake websites. 

Through fake websites, cybercriminals can access our information and commit identity theft, putting us in harm’s way in more ways than one. With that said, it’s important to remain vigilant at all times, so keep this guide in mind.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
Scroll to Top