To keep the lights on, we receive affiliate commissions via some of our links. Our review process.
Looking forward to locking in savings for that special holiday gift, or simply because you’re finally pulling the trigger on that purse, video game, or set of jeans that’s been on your radar? Shopping online can be both convenient, as well as time and gas saving. Unfortunately, with comfort also comes risk.
Cyber Monday has become the biggest day for cyber criminals to target in an attempt to harvest your banking details, website logins, personal information, and more. In the weeks leading up to Cyber Monday, and throughout the holiday shopping season, you will see more fake websites make their debut than you will the entire rest of the year. We show you how to spot these websites before becoming a victim.
- How To Spot A Fake Website
- How To Report Fake Websites
- If You Do Make A Purchase, Follow These Guidelines
- Frequently Asked Questions
- Learn How To Prevent Identity Theft
We’re going to take you through seven steps to take to help identify fake websites. While there’s no guarantees, after going through these you should have a fairly high confidence of whether a website is legitimate or not.
Probably the most important thing is the domain name. Look in the address bar of your browser and see what the URL (i.e. that ends in .com) is. We were recently shopping for a Michael Kors bag and came across a great deal online. The website was complete with Michael Kors logo, product search, shopping cart, and more. But a closer look revealed that despite the Michael Kors logo, the URL of the website was not www.MichaelKors.com, as I expected, but rather: www.NewPerfectStyle.com. (UPDATE: This website has been shutdown and is now facing legal action for selling counterfeit goods but beware of others like it that still exist today.) Now it’s not unusual for merchants to offer their products on third-party sites, so we started to dig a little bit deeper to gauge the authenticity of these websites.
As you can see from the screenshot, the website looks fairly legitimate at first glance: it has the Michael Kors name, a clean minimalist layout with a slick-looking slide show, a search bar that works, a main menu with login and currency selector, and even a shopping cart. Don’t be fooled: it’s not difficult for website scammers to spin up a fully functioning and fairly sophisticated website in only a few days. And of course there’s the page with all the discounts that may have you drooling and making a quick split-second decision that you would otherwise have given some more thought.
On this site, and many others like it, you will likely notice that the bags are discounted from a regular price of $995 (which is what they comparatively go for on legitimate vendors) to a Black Friday/Cyber Monday sale price of only $79 (that’s 92% off!). Which leads us to our first red flag: if it’s too good to be true, it probably is. Legitimate vendors will never discount a price this heavily, unless they are getting rid of excess inventory. That’s usually the case for products that are a couple of seasons (at least) old. In this case, however, the bags are the latest and greatest fashion accessories that everyone is shopping for during the holiday season. You’ll notice that if you shop for these bags at legitimate merchants there is hardly, if any, discount. Usually if there is a legitimate Black Friday or Cyber Monday sale at one merchant, the other merchants will fight to get a piece of the pie.
The next thing we noticed about this website that was unusual was the number of grammatical inconsistencies. Commonly, fake websites will be produced in countries where English is not the first language. Consequently, be on the lookout for spelling and grammatical mistakes. This particular website actually didn’t do too bad in these areas, but we still managed to spot some inconsistencies that would not have been present on a genuine Michael Kors website, which pays an Internet marketing company lots of money to make sure every i is dotted and every t crossed.
Glancing back at the homepage screenshot above you’ll notice the slogan “Discount Now! The Season’s Biggest Trends From Our Online Store.” This might make sense at first glance, but the “Discount Now!” part is grammatically incorrect. Moving on down to the footer of the website (where often times a lot of mistakes can be found) we notice:
Now take a look at this “Why is our product such a steal?” paragraph:
This paragraph is littered with poor grammar and a very low level of the English language, as you can see by simply reading it.
If all these hints didn’t tip you off to the fact that this is a fake website trying to steal your sensitive data, there’s one nearly foolproof way of telling how legitimate a website is: just as you’d want to know how long a brick-and-mortar retailer has been in business, you can find out how long a website has existed on the Internet.
In a Google search box, type in “site:example.com“, replacing “example.com” with the URL of the site you’re investigating. You’ll see all of the pages (usually hundreds or thousands) that Google has indexed from the site (because of the billions of websites in existence Google uses an automated process to do this and therefore does not catch fake websites immediately). Next, we want to find out when these pages were indexed, which we can use to find out how long the site has been in existence.
ResellerRatings.com is a database of merchants and vendors that not only lists consumer verified merchants and their business details, but also provides the ability for consumers to comment and rate those merchants. You’ll find out details on shipping policies and feedback as to whether the merchant delivers on time, how their customer service is, and more. If the website you’re investigating isn’t listed, that’s not a guarantee that it’s a fake website, but definitely something to be concerned about. This usually means the website hasn’t been in business that long. To find out exactly how long your website has been on the Internet (this can really clue you in to its authenticity), checkout our methods below to find out when the website came online.
Here’s a couple methods you can use to find out how long an online retailer has been online.
After conducting your search using “site:” as illustrated in the screenshot, click on “Search tools,” followed by “Any time,” and select “Custom range…” at the bottom. To find out if the website has been around for more than one year, simply go back a year in time (for example, if we are in 2022, you could use the date range 1/1/2021-12/31/2021 to cover all of 2021). If the website existed in 2021, search results will appear. If not, none will. Keep going back in time to find out how old the website is. For our fake website, we were able to find out that the website had been created the same month we found the site, and was therefore less than a month old. This is a clear indicator that the site had been spun up by scammers for Black Friday and Cyber Monday with the purpose of phishing the personal information of unsuspecting victims.
An alternative way of finding out not only how old a website is but also what it looked like back in time is to use The Internet Archive’s Wayback Machine. Searching for our fake website results in no records, which is typical for very young websites. Use caution with this method, however, as sometimes domain names are relegated to new owners over time. In other words, a website that was legitimate in the past may not be so today.
Another thing you can do is find out whom a website is registered, or belongs to. You can use a WHOIS search to do this, a service offered by most domain name registrars. Because of its size and registration database, we like to use GoDaddy’s WHOIS lookup. Doing so for our fake site resulted in the following record:
In our Michael Kors example, the website is registered to someone in China. Typically, a fake or phishing website selling products to U.S. consumers will originate somewhere outside of the U.S., Canada, or Europe.
Unfortunately, fake website owners often operate outside of the jurisdiction of U.S. authorities. However, you can usually send an email to the domain name registrant (in this case [email protected], an email address which was listed in the WHOIS record). We’ve done so, and hope you will do the same for any fake websites you come across this holiday season. All of us at Safe Smart Living would like to wish you a safe and secure online shopping experience.
The U.S. IPR Center has a StopFakes.gov website that lists resources you can use to report counterfeit goods online. You’ll want to read carefully what each service provides, as well as their privacy policies, before proceeding.
If you do decide that a website is real and that you want to make a purchase, be sure to only use secure payment options when the time comes to check out. Legitimate websites allow purchases using credit cards or a well-known online payment service such as PayPal.
If the vendor asks you to pay through money order or wire transfer, or cryptocurrency (such as Bitcoin), there’s a good chance that the website is a scam. If using PayPal, always pay as Goods & Services instead of Friends & Family – the former is protected and refundable, but the latter is not.
No doubt one of the hotter items on people’s wishlists this year is the almost impossible to obtain Playstation V. Scammers are well aware that the consoles are unavailable at their MSRP of $399, so offers are popping up all over the place.
Many scammers use email to try to lure potential victims. You may receive an email that appears to be from a company or vendor you use. In that email, the scammers will include a link. When you click on that link, it takes you to a website and asks you to put in your password, so you do.
Unfortunately, you just gave your password to a scammer, and now he or she can get into your account and steal your information.
If a company or vendor you use sends you a link via email, check the link very carefully. Better yet, go to the website directly and access the information you seek there.
- If you receive a text message from an unknown number or user, do not click on it or open it. Unlike our email which can flag and filter for Spam, annoying text messages can pop up on our phones at anytime. Delete and do not reply because you will be confirming that your phone number is active.
- Be cautions of messages with Emoji-overkill – anything with cats and pointing fingers is not only fake it’s desperate!
- And messages that exaggerate the sense of urgency like “HURRY” or “SHOP NOW”, have all caps or excessive punctuation!!! Those are a scam too.
Learn more, including how to report and stop text message scams.
There are thousands of fake websites out there on the web. Some of these websites exist just for fun, but most of them were created by people who wish to mislead you. There are many websites that contain false information to make you believe things that are untrue.
Others are designed to steal your money. They advertise products that will never be sent, or else they use a bait-and-switch technique. Some simply steal your credit card numbers. But the worst are more devious – they may try to steal your whole identity.
If you want to read more great information about ways you can keep you, your family, and your identity safe while doing your holiday shopping online, check out the Identity Theft section of our site.Tagged With: