How to spot a fake website

A (sadly) typical scenario. Louise spots a new website selling cheap sunbeds. Payment by credit card carried a 5% fee. Payment by direct transfer had a 5% discount. So she transfers the money but then gets an email cancelling her order and promising to refund her. But this was just a delaying tactic. The only thing getting burned was Louise. It was a scam.

Some people will do anything for a discount. But if the deal you’re being offered is better than anything else, ask yourself why. Low prices are simply there to hook bargain hunters and sell them cheap fakes or things that don’t even exist. Or steal financial information.

A good rule of thumb is that if advertised prices are unbelievably cheap, then don’t believe them. And if you’re being hurried because ‘there are only three remaining’, even more reason to give it a miss.

Scammers don’t like to spend too long building perfect fake websites which can easily be spotted and taken down. So they often contain mistakes and flaws that genuine companies wouldn’t miss.

📝 Bad spelling and grammar - Big companies employ writers and editors to spot errors. Don’t assume awkward language is an honest mistake.

👩‍🎨 Low quality or pixelated images - Scammers don’t have access to the right pictures or logos. So they can often look low quality or blurry.

🧭 Bad design and layout - If a site is hard to navigate or has sections missing, it could be a fake.

Basically, professional websites should look professional. And if there’s no ‘Contact us’ page, don’t contact them. Just leave the site immediately.

For added security, all the main browsers give official websites a thing called a security certificate (SSL). It verifies that any information you send to the site can’t be intercepted by hackers.

You can check if a site has a valid certificate by looking for a padlock symbol by the URL in the address bar. (Again, make sure you’re on the right page first.)

A padlock symbol means a website is encrypted so if you’re making a payment, it can't be intercepted. Most sites have this now so if you find one that doesn't, it could be a red flag. Sadly, scammers can forge or ‘buy’ these locks, so it isn’t foolproof. Always look for other clues.

Domain names are a good indicator of authenticity. If the name doesn’t match the official website, beware. Scammers often use names that are very similar to the proper URL within the fake name. Like these real examples:

• Paypal.com.secure-site.com (the domain name is secure-site.com, not Paypal.com)
• Netflix-support.net (a fake domain name with a different extension)
• Delivery.ips.com (Adding ‘Delivery’ to distract you from the misspelling of UPS)

Names ending .net or .org are not normally used for shopping. And if the name has a famous brand within it like adidasoffers.com, that’s another watch out. The bottom line is, always double check you’re on the official site before entering sensitive information.

An easy way to check if a site is for real is to copy and paste the URL into a website checker. Which is basically a fake website detector. It’ll tell you if the site is safe or not, if it uses encryption to protect your data and what level of verification certificate it has.

Google’s Safe Browsing Site Status Tool is free and checks billions of URLs every day to see if they’re genuine. It also reports dangerous or infected sites to their owners and warns users.

Fake websites don’t tend to hang around for long. One way to check how long it’s been active is to use a domain tracker like Whois Lookup.

Type in the URL and you’ll be able to see details like the owner’s organization name, country of registration and the age of the domain. If the company claims to be registered in one country, but their entry shows they’re in another, it’s probably dodgy.

Legitimate retailers will always have a dedicated returns page to tell you how to send something back if it’s faulty or if you’ve changed your mind. There should also be terms and conditions (even though you might never read them), a privacy policy and a data collection policy. If you can’t find this information, it could well be a scam site.

To look more legitimate, scammers often post fake reviews on their fake websites. Here’s how to spot them:

• They’re all very recent. Or very, very positive.
• They all sound very similar
• They lack details a real shopper would include (or are suspiciously detailed)

Avoid the ones with only five-star reviews that all sound the same. Nothing is perfect. To get genuine opinions, read the two and three-stars. If there aren’t any, that’s another watch out. Also, make sure the review is for the actual product. Failing that, Fakespot helps you get a more honest picture.

Customers who might already have been scammed might also write reviews warning you. So look on-site and off-site for mentions of fraud, non-delivery or identity theft.

Fake websites sometimes try to force you to pay with non-traditional payment methods. Especially non-reversible or non-traceable ones like gift cards, bank transfers, crypto-currencies or payment apps.

Legitimate websites give you the option of paying with traditional, safer methods. Like credit and debit cards, PayPal, or ‘Buy now, pay later’ options such as Klarna and Afterpay. If you pay by card, there are safeguards and you also have certain rights about getting your money back. Pay by bank transfer and you’re unlikely to see your hard-earned cash again.

Don’t be conned by ‘trust signals’ like awards. Scammers know it’s a lot of effort for customers to check if a website is genuine. They also know 66% of consumers are more likely to shop on a site that displays social proof of their credibility, such as awards, certifications or security logos. But anyone can fake these things. If in doubt, get in touch with the issuing organization to confirm it’s all above board.

For more advice on internet safety visit Cuckoo's Guide to staying safe online