Do you feel paranoid when visiting certain websites? If you do you are in good company and there are many reasons why this may be the case. In fact, my professional advice would be to not visit websites or give out any sensitive data (Especially credit card details/bank details) if you are not convinced if the website is safe to use.
In this article, I would answer the question is this website legit? I would give you all the pointers and a few red flags to note when surfing the web.
Let us dive straight in!
Is this Website Legit? – Points To Note
Once you open up a website, especially if it is one you are not used to using, here some details never to overlook.
1. Is HTTPS enabled on the website?
HTTPS stands for Hypertext Transfer Protocol Secure. It simply implies that sessions between a web server offering you a website and the browser on a mobile device or any other device is encrypted.
In layman terms, once it is enabled, you would be safe from most “man in the middle attacks”. These usually could be spoofing or phishing attacks.
How do you know if HTTPS is enabled?
The green or locked padlock found on the far left corner of the URL (address) bar is a positive sign indicating there is HTTPS enabled on the website. For a few websites, the name of the company may be written next to the green or locked padlock.
When you have both the green/locked padlock and the company, it is an even better signal and should prove that the website is legit and safe to visit.
Browsers would try to alert users when HTTPS isn’t enabled on a website. They would display a “Not Secure” if the HTTP webpages need users to input data into forms. These may include surveys or even login forms.
You must resist given your data to a website after you see the not secure warning or if you do not notice a green or locked padlock icon. Providing your data would be an invitation to hackers, which could be third parties, to have access to your private information including passwords and credit card data.
Disclaimer: A green or locked padlock shows some level of trust but doesn’t guarantee that the website wouldn’t use your information maliciously. It only guarantees that your data can not be intercepted or changed by some third party.
2. Is the Advertising Aggressive or Invasive?
There is not a fixed way to go with this, especially since the level of aggressiveness or invasiveness can always be up for debate.
It would strictly depend on how you feel about it. It is fair to say that having banners and some adverts is standard ad practice for many websites (It is important they make some money).
There are however some ads that would constitute red flags. They may not always be malicious but would give a hint that the website is poorly managed. You must be precautious when on such sites.
A few ads to beware of:-
Redirecting ads – You may have encountered one of those website banners that has a download button. Sometimes you realize that clicking on download keeps redirecting but never seems to get the item downloaded. This is a huge no-no, and my advice would be “get out now”. Sadly some harm may have already been done.
Interactive ads:- This may not always be a bad thing, but it still raises some questions. If the Ad is requiring that you perform some action, perhaps take a survey or answer questions, then maybe you should consider exiting.
Pop-up ads:- I would just say straight up, good websites would rarely use these. So if you encounter them, please exit.
3. Does the Website Have Trust Seals or Symbols?
Do you know when you go for a job interview and you are asked about your references? That is exactly what a trust seal is.
These are usually indicated by a clickable badge or badges at some part of a website. It redirects to the provider’s website. These seals should usually be from known/popular entities like Paypal, VeriSign, TrustE, etc.
Please note that the absence of these should not be a deal-breaker. Many websites may not need or have these trust seals and would still pass the “Is This Website Legit” test.
Can you always trust these seals?
The answer is NO!
A number of scammers can do a simple copy and paste to fool you. The original partner websites they are faking would mostly never no or bother to find out. Your smell test would be to verify if the seals click to the real site’s URL. So if a website uses a PayPal seal, you expect when the link is clicked that it directs you to Paypal.com. If this is not the case, please exit instantly.
A big point to note is sealed with funny names or names that just look too enforced. For example, you may have a seal for “Microsoft Certified” or Norton-Secured.
This means nothing at all, especially since any website can choose to use the latter once it doesn’t have any virus. This doesn’t mean they are not waiting to capture your data and do damage to it.
4. Does It Have a Return Policy?
This applies to online stores or eCommerce websites. A return policy states the ground on which items can be sent back. It is a way website owners tell you that they can be trusted.
If you go through the website and you do not find any, do not buy a thing and do not give them any valuable personal data, especially credit card information.
Privacy policies, simply refer to how a website expects to use your data. Sadly we almost never bother about reading this when we stumble upon a website unless we feel there has already been a huge privacy breach. This may be too little too late.
The policy should state how your data will be kept, whether or not your data is ever shared especially with third parties, and steps you would need to take to get all your data deleted from their database.
6. Can I Verify the Body Behind the Website?
Doing this wouldn’t always yield results, at least not 100% results but you generally would get a better idea of the owners or entities managing the website.
Step one is to search for existing social signals. A good place to start is if there is a phone number or a real physical address.
Performing a look-up on Whois is another way to go. This gives some valid information about the site and its owners. In many cases, you would be able to see the names of the owner, addresses, phone numbers, etc.
A whois lookup may also provide nothing if the entities behind the site have paid third parties to take on this responsibility.
7. Can You Run a Successful Website Safety Check?
Website safety checks can not be over-emphasized. If it is not a familiar site and you cannot run a comprehensive check, you are advised to proceed with caution.
To check for the safety of specific websites, you may have to employ some of the common online tools. While there may be a host, this virus total tool is a nice and simple-to-use option.
It gives a text field where you would input the website URL. After that click enter then watch, it does its work.
When the results come in, you would love to see a lot of green. This is positive. In the example used below, the website scores 82, which gives a sense that to a large extent you can trust the website.
Please note that this check should not be independent of other ways of verifying or answering the question “is this website legit”.
8. Does My Browser Display and Warnings?
If you are seriously pondering to yourself “is this website legit”? One way to know is to take notes of warnings your browsers may display. This is not uncommon especially if your internet use requires you are constantly stumbling upon new websites not earlier visited.
A major reason is that browsers would always warn users not to proceed to a site if it has been compromised. These prompts would not stop you if eventually, you decide to proceed. But like they say, to be forewarned is to be forarmed.
The risk of a falling victim in today’s world to cyber fraud is increasing. Maytimes we live footprints that scammers eventually use against us.
The internet is home to so many resources, but also the home to many malicious sites. You must proceed with caution. You have stumbled upon this article because you have pondered to yourself the question “is this website legit?” Well, now you know all the steps to figure an answer out.