Key points in this article:
- Always check the technical security of the site, in particular the presence of the https protocol and the padlock in the address bar.
- Check that the site offers easy-to-find contect information that you can verify, e.g., physical address, phone number, and/or email address.
- Ensure that the payment is secure: prefer recognized solutions such as PayPal or Stripe and read the terms and conditions and privacy policy.
- Look for online reviews and social media presence to assess the site’s reputation.
- Look out for visual and linguistic clues: mistakes, prices that are too low or sloppy design should raise red flags about a potential scam.
Before taking out your credit card on a retail website, it’s important to be vigilant in order to keep your money, data, and identity safe. On the internet, fraudulent websites pose as genuine stores, with tempting offers and sites that look exactly like the real brand websites.
Fortunately, there are some tell-tale signs!
So let me guide you through all the technical, legal, and visual details that will give you the green light or, on the contrary, urge you to move on, far away from a well-disguised scam.
At the end of the article, you’ll even read about tools to unmask scam sites in one click!
And if you’re an e-tailer, use this information to avoid mistakes and boost your ecommerce site’s credibility. You’ll see—it will make all the difference for your store.
Table of contents
- Criterion #1: Technical security
- Criterion #2: Legal notices and site identity
- Criterion #3: Payment and business policies
- Criterion #4: Reputation and external reviews
- Criterion #5: Visual and textual clues
- Bonus: Online website safety checker tools
- What to do if you get scammed by an ecommerce site
- Final thoughts
- FAQ
Criterion #1: Technical security
Padlock in the address bar (HTTPS)
Check the address bar before making any online purchase. A legitimate ecommerce site always begins with “https://.”
This little “s” at the end means that the connection between your browser and the site is encrypted and secure.
Example of the Chewy URL
Before entering any information, make sure you have this protocol. This ensures that your data (bank details, passwords, etc.) is not shared openly on the web.
You should also see a padlock to the left of the website URL. This symbol guarantees that the SSL certificate is in place and that you’re browsing in a secure environment.
This padlock appears in the menu to the left of the URL.
Consistent domain name
Before you click or place an order online, take a second to look at the website’s domain name.
Domain name: the address of a website, such as google.com or amazon.com
Fraudsters are becoming increasingly imaginative in their attempts to imitate well-known brands. A simple reversed letter, a number instead of a letter, and the trap is set.
Be wary of variations such as amaz0n.com or zaland0-shop.net, which seek to deceive the hurried user and make them believe they are accessing the right service.
Always favor classic extensions such as .com or fr., especially for internationally recognized brands. They’re more credible and easier to trace.
Also note that you should remain vigilant when it comes to suspicious subdomains, such as shop.freewebsites.io or brand.xyzstore.net.
Warning: if you click on an offer from an email from “Walmart” and the site you land on has these characteristics, run away! Better yet, avoid clicking on any links at all in emails like this!
Example of a fraudulent email that leads to a scam website (Source: Identity Guard)
Criterion #2: Legal notices and site identity
Clear and accessible legal notices
Legal notices are there to ensure transparency and help you understand who you’re really dealing with online.
A reputable website should display a page dedicated to this information in its footer.
Example of a footer on the Farmacy Beauty website
Some reputable businesses list a business registration number or VAT ID that can be verified on government databases.
The absence of these elements can be a sign of a potential scam, or at least of an unreliable online shopping site that seeks to conceal its identity.
“About Us” page
This is where a company introduces itself, explains its business, tells its story, and highlights its values. It’s often used by independent brands or small businesses to inspire online visitors.
As you browse it, you should sense a certain transparency and a desire to build trust with the visitor.
Example of an “About Us” page with the Sézane brand
A legit website talks about everything that goes on behind the scenes. It provides details, sometimes photos or testimonials, and perhaps information to support its claims (e.g., concrete actions demonstrating the company’s commitment to sustainability).
Real contact details
A trustworthy web commerce company doesn’t hide behind a simple form or a vague address.
It clearly displays a direct contact number, a professional email address, and sometimes even a physical address.
This information should be easy to find, often in the footer or on a “Contact” page.
If you have any doubts, test it out by sending a message or calling the phone number provided. Legit online shopping sites usually respond quickly.
Criterion #3: Payment and business policies
Secure payment methods
The methods available for paying for an order reveal a lot about how safe a digital commerce website is.
Be wary if an online shopping site only accepts wire transfers, gift cards, or crypto from customers…
Always prioritize recognized solutions like Stripe, PayPal, or secure credit or bank card payments clearly displayed, as seen here with the LEGO shopping cart.
Before confirming your purchase, check that the payment page also displays the HTTPS padlock, because even the payment platform can be created by scammers to trick you into paying!
→ Read also: our article on how ecommerce works
General terms and conditions (GTC)
General terms and conditions (GTC) or terms of use are mandatory for any reputable online store. They govern the relationship between the seller and the buyer and must be accessible before any purchase.
Example of a Terms of Use page on the Chewy website
Be sure to check that they clearly state delivery times, return policies, and refund conditions.
Privacy/cookie policy
The privacy and cookie policy should clearly explain how your personal data is collected and used, whether for delivery, newsletters, or browsing statistics.
Example of privacy notice and consent preferences for visitors to read through in pop-up format with Weir & Sons
A website that takes the time to detail these points demonstrates transparency and compliance with regulations.
Criterion #4: Reputation and external reviews
A search of the website’s name on Google
Before placing an order on a new ecommerce website, always take a few minutes to search for its name on Google.
Simply type “websitename.com + reviews” and look at the first results. You’ll quickly see if customers have already reported scams, delivery delays, or negative experiences.
Here’s an example with Travel Cat on Trustpilot
Also check out reliable review platforms like Trustpilot or even some forums and discussions on Reddit.
→ Today, seeking reviews is an integral part of online shopping behavior.
Take the time to read recent reviews, which are often more revealing of the site’s current situation. Older comments may date back to a time when the company was still reputable or before it changed management.
Legitimate reviews
Of course, hundreds of positive reviews for a business don’t mean anything if they’re not real!
Identifying fake testimonials is crucial because they can mislead shoppers into trusting unreliable sellers or buying poor-quality products.
To spot fake ecommerce reviews, look for patterns like overly positive language, repeated phrases, generic usernames, or many reviews posted in a short time.
Check for detailed, balanced feedback and verified purchases, noting that real reviews often mention specific products or experiences.
You can also cross-check the online shopping site’s reputation on independent platforms like Trustpilot or use a review checker like FakeFind, a free tool for examining product reviews for manipulation, scams, and content that’s been generated via AI.
Social media presence
A legitimate website will often maintain an active presence on social media, and for good reason: it’s the online business card of brands.
You’ll typically find recent posts featuring products or other helpful content, interactions, and customer comments.
Farmacy Beauty on Instagram
Conversely, be wary of newly created web commerce brand pages with no real activity or engagement, or conversely, pages that haven’t posted anything since 2021.
Criterion #5: Visual and textual clues
Professional and consistent design
An online shopping website’s design speaks volumes about its credibility. Fraudulent sites are easily spotted: repeated spelling mistakes, poor-quality images, distorted logos, or text copied from elsewhere.
Example of a fake Puma site spotted by Ad-Waibe
Original images
Authentic images show that an ecommerce business truly owns or handles its products, which helps verify that the website is legitimate and trustworthy.
To check if an online shopping site’s images are original, use reverse image search tools like Google Images or TinEye.
You can upload or paste the image URL to see if it appears on other websites, especially well-known brands or marketplaces. If the same photos appear elsewhere, it could mean the shop copied them.
Abnormally low prices
An abnormally low price should always raise suspicion. Scammers often use unbelievable offers to attract inattentive buyers, as in the Puma example above.
If an item you’re interested in purchasing on the internet has an amazing price on one online store, consider comparing the price with those on other digital commerce sites: a significant price difference often hides a counterfeit product, a product that will never be delivered, or a website that will disappear once it’s taken your money.
Language and spelling
A text riddled with mistakes, strange turns of phrase, or nonsensical sentences often hides an automatic translation.
If reading it gives you the impression of a cobbled-together text, it’s best to close the tab without further ado.
Functional site behavior
Functional, consistent website behavior is important because legitimate businesses invest in smooth, secure user experiences.
In contrast, fake or scam sites often don’t bother with proper functionality.
Suspicious ecommerce site behavior includes broken links, missing pages, buttons that don’t work, or checkout pages that fail to load properly.
Sudden redirects to unrelated websites or pop-ups demanding personal information are also red flags.
These issues often suggest poor design, rushed setup, or even malicious intent.
Bonus: Online website safety checker tools
One important tip before shopping online is to check the reliability of the online store using one of these website safety checker tools:
- Whois.domaintools.com: to see the date the domain was created (a recent website = caution).
- Google Transparency Report: indicates whether the site is considered dangerous.
- CheckPhish: a checker that allows you to detect scams in a single click.
A legit, safe ecommerce site dedicated to the protection of its customers doesn’t try to hide. Transparency is its best selling point.
Before paying for an order, trust your instincts, as they’re often right. If something seems unclear or inconsistent, it’s better to move on.
A few minutes of vigilance are often enough to avoid unpleasant surprises and shop for products and services online with peace of mind.
The same goes for your emails and text messages, which are often bombarded by scammers. With AI, websites and texts are becoming increasingly sophisticated. But if there’s any doubt, check!
What to do if you get scammed by an ecommerce site
Even with careful research, anyone can fall victim to a fake online store. If you realize you’ve been scammed, acting quickly can help you minimize losses and protect others from the same experience.
Here’s what to do next:
1. Contact your bank or payment provider immediately
If you paid by credit card, debit card, or PayPal, get in touch with your bank or payment provider as soon as possible. Explain the situation and request a chargeback or dispute the transaction.
Financial institutions often have fraud protection measures that can help you recover your money or prevent further unauthorized charges from the illegitimate ecommerce site.
2. Report the site to authorities
Reporting the scam is essential to help authorities investigate and potentially shut down fraudulent online stores.
In the United States, for instance, you can report to the Federal Trade Commission (FTC), the Internet Crime Complaint Center (IC3), or your local consumer protection agency.
In other countries, contact your national cybercrime or consumer watchdog service. Providing screenshots, order confirmations, and emails can support your claim and strengthen your report.
3. Warn others by posting reviews or reporting it to scam databases
Sharing your experience can help protect others from falling for the same scheme as they shop on the internet.
Leave honest reviews on social media, forums, or trusted review platforms like Trustpilot or SiteJabber. You can also report the site on ScamAdviser or Google Safe Browsing.
The more visibility a scam receives, the less likely others will become victims.
Final thoughts
In today’s digital world, shopping online can be convenient, but it also comes with risks. A legitimate ecommerce store prioritizes customer protection, security, and the safe handling of personal data.
Before you shop, take the time to verify the company’s reputation, check for clear policies, and ensure the site uses secure payment methods. Extremely low prices or poor website functionality can be red flags for scams.
Always consider support options and whether the store provides real contact information, as trustworthy stores value their customers.
By staying vigilant and using available tools to verify authenticity, you can protect your money and privacy and avoid fraudulent stores.
Informed decisions can help keep your online shopping experience both safe and enjoyable, ensuring that each purchase is from a reputable store that respects customer trust and provides proper security measures.
FAQ
How do you unmask a fake website?
Certain points such as the URL, spelling mistakes, or overly tempting promotions should alert the internet user.
How do you test the security of a website?
Free online solutions exist, such as Google Transparency Report.
How do you check a website’s URL?
Apart from online checker tools, you can see with the naked eye if the URL is legitimate: no mistakes, numbers, or dubious prefixes in particular.
