Because there are so many scams out there, it can seem difficult to know how to check if a website is safe. Learn cybersecurity best practices and our 11 tips to stay safer online, including using strong online protection like Norton 360 Deluxe to help block online threats and prevent you from visiting fake websites.
1. Know what happens if you visit an unsafe website
The first step to avoiding fake websites is to know what you'll see if you ever inadvertently land on an unsafe site. Most modern browsers are designed to make navigating the internet easier and safer. If you visit a site with known safety issues, the browser will usually inform you by presenting a fullscreen warning about the dangers of continuing to that page.
These warnings might say that your connection is not private or that you’re heading toward a deceptive site. If you see one of these warnings, close the window or click “back to safety” to avoid a potentially unsafe site. If you know that a site is safe, click on “Advanced” to proceed.
If you visit an unsafe site, you could end up dealing with several issues, including:
2. Look for an SSL certificate
An SSL (Secure Sockets Layer) is a digital certificate that certifies that a website is legitimate and that it offers encryption to protect personal information and financial data. In order for a site to have an SSL, they have to prove to the issuer of the certificate that they are who they claim to be.
Checking to see if a website has an SSL is simple: look at the address bar when you visit a site. You should see:
- “https://” at the beginning of the URL. The “s” at the end of the http means “secure.”
- A lock icon on the far left side of the address bar. This lock signifies a secure connection between you and the site. Click on the lock for more details about the website’s security.
If a site doesn’t have an SSL, it doesn’t necessarily mean it is unsafe. It could mean that it’s OK to browse that site, but it may not be safe to share any personal information.
3. Use a website checker
If your browser didn’t provide you with a warning about a site, but you still don’t feel great about sharing your information or making a purchase, you can double-check it using a site checker. A website safety checker like Google’s Safe Browsing site status page will let you know if a website is unsafe or if a previously trustworthy site has been compromised or has unsafe elements.
If you drop an address into a URL checker and it shows that a site might not be secure, close the window and don’t visit it again until another check shows that it’s not dangerous.
- Clear language spelling out what information it collects from users and how it is collected
- An overview of how the site protects your information
- Language that defines who can access the information the site collects
- Options for reviewing the information a site has collected
- Options for opting out of data collection
- Language that defines how long the site will hold onto your information
- Contact information to see if the site is transparent about how to reach them
5. Make sure the site is real
Hackers have several ways to try to steal your information using fake websites. Spoofing is when a scammer builds a site that looks almost identical to a real site in order to capture your logins and passwords.
Typosquatting is when someone buys a domain similar to a well-known site (gooogle.com, for example) in the hope that someone will accidentally mistype the URL and end up on this fake site where they may be exposed to malware.
If you receive a link from someone you don’t know or a site you regularly visit is functioning differently than normal, check the URL to ensure you’re on the right site. If you’ve stumbled onto one of these false domains, close the window and clear your history and browsing data to keep you from ending up there again.
6. Read reviews of the site
If you’re checking out a new site and aren’t sure how to tell if a website is secure or if it’s safe to buy from it, reading reviews of the site can show you what other people think. Go to your favorite search engine, type in the site name, and add “reviews” at the end of your query.
When looking at reviews, pay close attention to:
- Consistently bad reviews
- Allegations of unsafe practices
- Instances of fraud
- Mentions of poor customer service
- Too many overly positive reviews that sound the same (this could indicate that the reviews aren’t real)
Reviews provide a pretty good picture of whether or not a website is safe, because people don’t like being scammed or having their information shared without permission.
7. Search for contact information
Contact information on its own isn’t a guarantee that a site is safe, but it is a signal that there is a person or a team of people who are ready to assist you if you have questions.
If a site feels a little sketchy, or if you want to make a purchase but don’t want to trust your financial information to a company you don’t know, reach out using the contact information. They may have other ways for you to make a purchase that you feel more comfortable with.
If a site doesn’t have obvious contact information, it might be an oversight (especially if it’s a newer site), or it could mean that whoever owns the domain doesn’t want people contacting them because of potentially shady practices.
8. Keep an eye out for spelling errors and design problems
Sites that are riddled with design issues and spelling and grammatical errors could be a sign that a site isn’t safe. Pharming attacks and spoofed sites are designed to trick you into providing your personal and financial information to what appears to be a site you already know and trust. However, scammers will often make mistakes when it comes to the text and functionality of these sites.
If you find that the elements on a page you’ve used before look different, or there are misspelled words or odd turns of phrase, it could mean you’re on an unsafe site. Close the browser window, clear your history, cookies, and caches, then try going back to the site. If it looks normal, that likely means you were on a scam site.
9. There are too many pop-ups
Everyone has their definition of how many pop-ups are too many, but if a site has so many pop-ups that you can’t actually navigate it, that means there are too many. If there are multiple pop-ups and none are related to the site you tried to visit, that’s another sign that you may be on an unsafe website.
Pop-ups to avoid:
- Any that ask for financial information
- Cybersecurity warnings — this is called scareware, and it could mean that you end up downloading malware instead of protecting yourself from it
- Those advertising unrelated products or services
Installing a pop-up blocker for your phone and computer can help suppress a lot of these dialog boxes before they ever become a problem.
10. Find out who owns the site
Before you spend money at an online store, you can verify who owns the site by running a Whois search. This search will tell you who owns a website so you can make a more informed decision about where you want to spend your money. If a site is owned by someone other than the purported owner (or you can’t find a way to contact them), you’re probably better off taking your business to a more reputable company.
11. Use web security tools
Using web security tools like Norton 360 Deluxe can help block hackers and protect against fake sites, helping to prevent your data from falling into the wrong hands. And with a built-in VPN and parental controls, safer browsing is available for you and your family. Not only can these security tools protect your financial and personal information, but they also help protect your devices from debilitating malware.
FAQs about how to know if a website is safe
Still have questions about how to check if a website is safe to buy from or visit? We’ve got you covered.
How do scam websites work?
There are several kinds of scam websites, and they each function differently. Phishing sites are designed to get you to reveal personal information about yourself that can help hackers and scammers get into your accounts. Hackers build spoof sites to look like sites you already know and trust in order to steal your account information and passwords directly.
How can I check if a link is safe?
If you’re using a computer, you can hover over the link with your cursor. If it shows a different domain than what you expected, it may be unsafe. You can copy it and check it out with a URL safety check site. If a link doesn’t look safe (or you just aren’t sure), it’s best to not click it. Instead, go directly to the site by typing the URL into your browser to avoid exposing your information to scammers.
Does clearing my cache get rid of viruses?
It depends. Some viruses and malware may be designed to hang out in your cache, and clearing it could delete them. However, it won’t help if the malware was already deployed.
How do I know if a link is phishing?
If the message or site has grammatical and spelling errors and poor design functionality, it might be a sign that it’s trying to phish you. If the site asks for information that could be used to identify you or reveal your passwords or other sensitive information, it could be a phishing link. If a link came from an unknown sender or it looks suspicious, it’s best not to click on it.