How to check if a website is legit

Maciej Bartłomiej Sikora
Content Writer
How to check if a website is legit

Fake websites, fake websites everywhere

The internet is very yin-yang in the way that it is both a fun and terrifying place. There are websites that help you learn new things, spark your creativity, and make your life easier. Then there are others that aim to pull you down, stifle your potential, and throw a wrench in your works. It’s a classic case of balance: for every awesome site out there, there’s probably a sketchy one lurking around.

So, it’s up to us—the internet users—to figure out which sites are safe and which ones are there to trick us. And honestly, that can be pretty difficult to do! These well-designed scam sites can look just as convincing as legitimate ones, and they come in many different forms.

Common types of scam websites

If you think about the most popular scam websites, it’s pretty easy to figure out they’re the ones that bring in the most profit for cybercriminals. And just like in any other shady business, some scams are more lucrative than others, though pulling them off convincingly takes more effort. Here are the most common types:

  • Fake online stores—Websites designed to look like regular e-commerce sites, but once you make a purchase, your money’s gone, and the product never arrives.

  • Clones of bank websites—Sites that look almost exactly like your bank’s official page, but once you enter your credentials to log in to your bank account, they’re stolen and used for fraud.

  • Tech support scams—Websites with alarming messages claiming your device is infected and pushing you to take action, causing you more harm than good.

  • Phishing websites—Websites that mimic those of trusted organizations, tricking you into providing sensitive information like login credentials or financial details. These sites may also ask for your email address to send phishing emails to in an attempt to get even more personal data from you.

  • Shady investment platforms—Websites that promise high returns on investment, attempting to convince individuals to give away their hard-earned money or sensitive personal information.

  • Lottery/prize scam websites—Sites that claim you’ve won a contest but require you to provide personal details or pay a fee to receive the prize.

  • Charity fraud websites—Websites that prey on people’s goodwill by soliciting donations for a "good cause" that ultimately end up in the scammer’s pocket.

  • Malware distribution websites—Websites that trick users into installing malware disguised as legitimate software.

When do you usually encounter fake websites?

All the time—that’s the problem! Today’s scammers want to make it as hard as possible for you to realize that you’re on a fake website. You could be cruising through your day online, then suddenly click on a sketchy ad or accidentally type a URL incorrectly, and just like that, you could find yourself on a scam site without even realizing it. That’s why there’s really no time to let your guard down, especially when you're browsing without paying full attention.

So, what can you do to check if a website is legit?

Whenever you land on a website, don’t feel helpless or just assume it’s legitimate. There are a few things you can do to assess the risk and ensure you’re interacting with the right content. Here are the most fundamental ones:

Examine the domain name carefully

One of the methods scammers use is mimicking legitimate websites by using similar-looking names or misspellings. So, be sure to take a good look at the URL of the website you’re visiting to determine if it’s trustworthy.

If you didn’t type the URL address yourself, think about how you got to that particular site. Was it a link you clicked on? An ad? A button in an email? It’s worth doing a little digging to ensure that the source of the website is valid.

Look for HTTPS

Before you do anything on a website, take a second look at the URL and check if it starts with “https” instead of just “http.” The “S” stands for secure, meaning your data is encrypted during transmission. While it doesn’t guarantee that the site is safe, it’s an important step in ensuring your information is protected.

Check the contact information and overall design

If a website is legitimate, it should have clear contact information, including an address and phone number. If the site you’re visiting looks poorly designed or lacks basic contact details, it’s a major red flag, so make sure to tread carefully.

Check for reviews, ratings, and online mentions

Even before you type in the URL and enter a website, you can just Google it or go to sites like Trustpilot and Reddit to look for reviews or ratings from other users. A quick search can reveal whether others have had positive or negative experiences. If you find consistent complaints or warnings about a given site, it’s best to steer clear of it.

Get a password manager to boost your security

Using a password manager like NordPass doesn't just keep your passwords safe—it also helps ensure you’re interacting with legitimate websites. How so?

When you save your login info in NordPass, it remembers the exact URLs of the sites you use. So, if you accidentally land on a fake website that looks similar, NordPass won’t autofill your credentials because it will know the difference. This can help you avoid entering your details on scam sites, saving you from potential trouble.

Additionally, NordPass comes with a range of features that can help boost the security of your online accounts, like a Password Generator and a Data Breach Scanner—the latter can check if your data has been compromised in a breach.

So, if you want to browse with peace of mind, give NordPass a try and see how much safer you’ll feel.

Subscribe to NordPass news

Get the latest news and tips from NordPass straight to your inbox.