Not sure if a website is safe to visit? Afraid a sketchy video streaming site might infect your PC? Looking for an e-commerce store to buy from and not sure which you can trust your credit card with?
It’s good to be cautious, and it’s absolutely vital to check that a website is safe before sharing any personal information (e.g., credit card numbers, passwords, addresses, etc.). In this how-to, I’ll offer some quick and easy tips to help you avoid dodgy URLs and verify the trustworthiness of any website.
Be sure you trust a site before entering any personal info.
#1 Use your browser safety tools
Today’s most popular web browsers already include security features to help you stay safer online. These built-in browser tools can block annoying popups, send Do Not Track requests to websites, disable unsafe Flash content, stop malicious downloads, and control which sites can access your webcam, microphone, etc.
Take a moment to review your settings now. Here’s how to find them:
- Chrome: Settings > Advanced > Privacy and security
- Edge: Settings > Advanced settings
- Firefox: Options > Privacy & Security
- Safari: Preferences > Security and Preferences > Privacy
#2 Double-check URLs
This really goes without saying, but I’ll say it anyway: Before you click a link, make sure you know where it’s going to take you. Just mouseover over any link to verify the URL it’s really linked to.
Hover your mouse over the link above, but don’t click it. You should see the URL that it links to at the bottom-left of your browser: https://www.avg.com. Easy, right?
Make sure the URLs are spelled correctly, too. Most people only glance over text on the web. Hackers know this and will often substitute visually similar characters (e.g., “Yah00.com” instead of “Yahoo.com”) to trick you into visiting their phishing sites and unwittingly giving them your passwords, credit card numbers, and other private data. Don’t fall for this trick. It only takes a moment to verify a URL is safe. And it’s worth it.
#3 Check for HTTPS
HTTP (Hypertext Transfer Protocol) is the fundamental protocol for sending data between your web browser and the websites you visit. And HTTPS is just the secure version of this. (The “S” simply stands for “secure”.)
HTTPS is often used for online banking and shopping, because it encrypts your communications to prevent criminals from stealing sensitive information like your credit card numbers and passwords.
So how do you know if a site uses HTTPS? Check for the padlock in your browser’s navigation bar. If you see it, you know the site you’re on is using a trusted SSL digital certificate — in other words, your connection is protected.
If you don’t see the padlock, take your shopping elsewhere.
This isn't a silver bullet, though. Some phishing websites could be using HTTPS to appear to be legitimate. But the main takeaway is this: If a website doesn't have that padlock, don't enter your password or credit card number.
#4 Use a website safety-check tool
To quickly check if a website or a specific URL is safe, use an objective website safety checker like Google Safe Browsing. According to their page, “Google’s Safe Browsing technology examines billions of URLs per day looking for unsafe websites”, which makes this a great website safety-check tool. Just copy/paste any URL into the search box and hit Enter. Boom! It’s that easy.
Google knows the web — including which sites are dangerous.
A similar unbiased safety tool is VirusTotal’s free website security checker, which inspects sites using over 70 antivirus scanners and URL/domain blacklisting services to detect various types of malware and other computer threats. This works just like the Google Safe Browsing tool: Simply enter the URL you want to check and hit Enter.
VirusTotal will also tell you if a website is dangerous.
#5 Whois lookup the domain owner
Need to know who’s behind a certain website? Do a whois (pronounced “Who is”) lookup to find out who owns the domain, where and when the site was registered, contact information, and more. It’s super easy to do, and you’ll feel like a private eye doing it. Try a whois lookup here.
Enter any URL to learn who’s really behind the website.
#6 Call the company
Still not sure if the company is legit? Find their contact details and give them a call. Really, you can learn a lot by who answers the phone. If the number doesn’t exist — or if some teenage voice answers with “Dude?” — then something’s probably up. Just trust your gut.
Where do you find a website’s contact details? Look for a “Contact us” or “About us” link near the very top or very bottom of the homepage. Or try a Whois Lookup (tip #5 above) to see if that reveals a phone number.
#7 Install web security tools
Using AVG can also help you avoid dodgy websites. Download AVG AntiVirus FREE for essential protection, including Web Shield to block malicious downloads and Email Shield to block malicious attachments. Or try AVG Internet Security free for 30 days to get our absolute best online protection, including Fake Website Shield to help you avoid phishing sites.
AVG Internet Security helps you steer clear of fake websites.