How To Determine the Legitimacy of a Website
By Tracey Dowdy
While researching this article, I came across a website that claimed to vet suspicious sites, yet the site itself is actually designed for black hat SEO purposes. That’s confusing. How are users supposed to determine who the good guys are if the bad guys hide in plain sight?
Of course, there are a number of red flags that should immediately make visitors suspicious. Look for misspelled or copycat domain names, (think Amaz0n.com, Reebock.com), or multiple dashes and periods in the URL. Sites that end with .biz or .info are more likely to be unsafe.
To reduce the risk of landing on a phishing or other unsafe website, add these tips to your tool kit.
- Google it. This is both the simplest and the best safety tip around. A simple Google search will bring up all results related to the search terms entered. User reviews are usually aggregated at the top but be sure reviews and feedback come from contributors not affiliated with the site or paid sponsors.
- While reading those reviews, pay attention to grammar and the language being used. Be wary of sites with misspellings, poor grammar and syntax or explicit language. Look to see if content is repeated or poorly formatted, for example, the text is cut off or missing.
- Do a Google Transparency Report. Go to the Transparency Report home page, type in the name of the site and Google will automatically generate a report detailing its safety rating. More than simple data, Google provides context by listing why the site received the rating. For example, Reddit receives a “Not dangerous” rating but warns “Some pages on this website send visitors to the following dangerous websites: github-cloud.s3.amazonaws.com, s382701517.online.de, and gildor.org.”
- Check the security certificate. Search engines like Safari and Google Chrome require sites to use security certificates from trusted organizations. Follow this link for what to look for from Google and here for what to look for on Safari.
- ADS! ADS! ADS! If you land on a page that is more ad-based than content-based, odds are it’s a scam or phishing site. If ads are explicit or constantly pop-up, the site requires users to complete a survey, provide personal information in order to continue, or re-directs to another page, there is a good chance it may be unsafe.
There are always exceptions to the rules, but by implementing these tools, users can safeguard against attack.
Tracey Dowdy is a freelance writer based just outside Washington DC. After years working for non-profits and charities, she now freelances, edits and researches on subjects ranging from family and education to history and trends in technology. Follow Tracey on Twitter.