How to check if a website is legit

You've found a site - a search result, a social media ad, a link someone sent - and something isn't sitting right. Before you buy anything or hand over your details, here's how to check.

---

Why fake websites are harder to spot now

A decade ago, scam websites were easy to identify: poor design, broken English, no security certificate. That's changed. Modern fraudulent sites are often visually identical to the real thing, with stolen logos, copied product descriptions, and fake customer reviews.

The tells are subtler. You need to know where to look.

---

Start with the domain name

The domain is the address in your browser bar, and it's the most reliable thing to check. For a site to be genuine, the domain needs to match the brand exactly - no extra words, no hyphens in odd places, no slight misspellings.

Scammers register domains designed to look right at a quick glance:

• nike.com is Nike. nike-official-store.com is not.
• gov.uk is the UK government. gov-uk-tax-refund.com is not.
• amazon.co.uk is Amazon. amazon-prime-renewal.net is not.

Always read the full address before doing anything on the site.

---

Check for HTTPS

Your browser shows a padlock and https:// at the start of a legitimate site's address. The S means the connection is encrypted.

That said, HTTPS alone doesn't mean a site is trustworthy. Scammers can get certificates too. Think of it as a minimum requirement, not a guarantee. If a page asking for your details doesn't have it, leave.

---

Check how old the domain is

Legitimate businesses have usually been around for years. A domain registered a few weeks or months ago is a significant warning sign - especially when the site claims to be a well-known brand or is selling things at unusually low prices.

You can check a domain's age with a WHOIS lookup, or by running the URL through SniffTest, which includes domain age as one of its 17 checks.

---

Look for real contact information

A genuine business will have a physical address, a working phone number or email, and some information about who they are. Look for:

• An address you can verify in Google Maps
• A phone number that reaches a real person
• An About page that actually says something about the company

A contact page with only a generic form and nothing else is a warning sign.

---

Read the reviews properly

Search for the company name with "reviews" or "scam" and see what Trustpilot or Google Reviews say. Watch for:

• No reviews at all
• Everything recent, five stars, and written in suspiciously similar language
• A sudden spike in positive reviews with no history before them

Also try site:reddit.com [website name]. If someone's been scammed, Reddit usually knows about it.

---

Be sceptical of prices that seem too good

Designer goods, electronics, or branded items at 60–80% off retail is almost always a red flag. Counterfeit sites use extreme discounts to attract buyers. Genuine sales exist, but a MacBook Pro for £300 or name-brand trainers for £15 is not a genuine sale.

---

Run it through a checker

The quickest way to get a confident answer is to paste the address into SniffTest. It checks against Google Safe Browsing, known scam blocklists, domain age, and a dozen other signals, and returns a plain-English verdict in seconds - free, no account needed.

If it comes back high risk, don't proceed.

---

Warning signs

Look out for any of these - and be especially cautious if several appear together:

• The domain doesn't quite match the brand
• The site was registered recently
• Prices are far below retail
• No real contact details or physical address
• Pressure tactics: countdown timers, "Only 2 left!", urgency messaging
• Payment only via bank transfer, gift cards, or cryptocurrency
• Spelling errors in product descriptions or at checkout

---

Signs you're probably fine

• The domain matches the brand exactly and has been around for years
• HTTPS throughout, including at checkout
• Real contact details with a verifiable address
• A mix of reviews across independent platforms, including some negative ones
• Prices in line with other retailers
• A clear, findable returns policy

---

If you've already shared your details

Contact your bank immediately and ask them to reverse the transaction and flag your card. Change any passwords you used on the site, especially if you reuse them elsewhere. Report the site to Action Fraud at actionfraud.police.uk (UK) or the FTC at reportfraud.ftc.gov (US).

The sooner you act, the better.

---

Frequently asked questions

Q: How do I check if a website is legitimate for free?

A: Paste the URL into SniffTest - it's free, requires no account, and runs 17 checks including domain age, Google Safe Browsing, and known scam blocklists. You can also check the domain name carefully, look up the site on Trustpilot, and search for the company name plus "scam" or "reviews" on Google and Reddit.

Q: Does HTTPS mean a website is safe?

A: Not on its own. HTTPS means your connection to the site is encrypted, but scammers can get HTTPS certificates too. It's a minimum requirement - if a site asking for your details doesn't have it, leave immediately - but it's not a guarantee the site is trustworthy.

Q: How can I check a website's age?

A: Run the URL through SniffTest, which checks domain age as one of its 17 signals. You can also use a WHOIS lookup tool to see when a domain was registered. A domain that is only a few weeks or months old is a significant warning sign, especially if the site claims to be a well-known brand.

Q: What should I do if I have already paid a fake website?

A: Contact your bank immediately and ask them to reverse the transaction and flag your card as compromised. Change any passwords you used on the site, especially if you reuse them elsewhere. Report the site to Action Fraud (actionfraud.police.uk) in the UK or the FTC (reportfraud.ftc.gov) in the US.

Q: Are low prices always a warning sign?

A: Extremely low prices - designer goods at 70–80% off, electronics well below market rate - are a consistent red flag for counterfeit sites. Legitimate sales exist, but a price that seems impossible usually is. If it looks too good to be true, it almost always is.