How to Identify Fake Websites
Practical techniques for spotting counterfeit websites before falling victim.
Check the URL Carefully
The most reliable indicator of a fake website is its URL. Examine it character by character:
- Correct domain – Is it the official domain? (amazon.com vs amaz0n.com)
- Subdomains – Real domain comes before the TLD (paypal.com not paypal.secure-login.com)
- Homoglyphs – Characters that look similar (rn looks like m, l looks like I)
Domain Age Check
Legitimate businesses have established domains. A site claiming to be a major brand but registered days ago is almost certainly fake. Use WHOIS lookup tools to check registration dates.
SSL Certificate Inspection
While HTTPS doesn't guarantee legitimacy, certificate details can reveal fakes:
- Click the padlock to view certificate details
- Check the organization name matches the claimed brand
- Note certificate type—EV certificates show organization name
- Free certificates (Let's Encrypt) on major brand sites are suspicious
Website Quality Signals
- Spelling/grammar – Errors throughout the site
- Contact information – Missing, fake, or generic email addresses
- About page – Vague or missing company information
- Policies – Missing privacy policy or terms of service
- Product images – Stock photos or stolen images
Pricing and Offers
If prices seem impossibly low or promotions too generous, treat with extreme caution. Scam sites attract victims with unrealistic deals.
Payment Methods
Be wary of sites that only accept:
- Wire transfers
- Cryptocurrency
- Gift cards
- Payment apps like Zelle or Venmo for purchases
Trust Seals
Trust badges can be faked. Always click on them—legitimate seals link to verification pages.
Tools
Related Articles
- Types of Fake Websites
- Fake Website Takedown Process
- What is Phishing?
- Understanding Lookalike Domains
Need Enterprise Protection?
Our fake website detection service provides automated monitoring and rapid takedowns for brands.