Compared to going to brick-and-mortar locations, online shopping can be quick and convenient—but also dangerous. With the holidays fast approaching, consumers often turn to companies’ websites to purchase gifts, decorations, and more. Unfortunately, scam websites lurk on the internet for payments and personal information from unsuspecting users. Online ads (including for holiday sales) are a significant source of how users reach fake websites. Here is how to spot a scam website and what to do if you accidentally submit your information. 
  

    

WHAT IS A SCAM WEBSITE? 

Thieves on the internet use scam websites to pose as authentic, legitimate companies, tricking users into sending money or personal information. Scam websites often advertise free products, malware alerts, or computer updates.
  

SIGNS OF A FAKE WEBSITE 

Scam websites can appear legitimate but contain telltale signs. These signs can help you identify and avoid suspicious, and often, fake websites.
  

Absurd Financial Claims

Scam websites might offer outlandish sums of money for users to click a link or submit an email address. However, scammers create these pages to deceive users into submitting identity or financial information, touting massive financial gains to entice unknowing users.
  

Odd Pop-ups

Say you’re visiting a website when another browser window appears. It’s likely a scam website. Scam pop-ups contain links that might install malware on your computer, record keystrokes, or reveal your location. As a result, it’s best to close internet windows that open by surprise or look unfamiliar.
  

Playing on Emotions

Fake websites typically use bizarrely high financial rewards or severe warnings that your computer is vulnerable to take advantage of our emotions. Methods include flashing words or graphics, which scammers hope will dazzle or scare users into believing they need to take action. In moments of being distracted or panicked, users often forget to pause and check the legitimacy of a website.
   

Posing as a Government Website

To fool users, scammers will present themselves as the United States Postal Service, state governments, and more. A surefire sign of a scam is the end of a website’s URL. For example, a website ending in ".xyz" is a scam website. Internet thieves attempt to disguise their domain by including ".gov" in the web address, i.e., newyork.gov.xyz or us.gov.xyz.
   

Tacky Presentation

Fake websites are generally among the lowest quality, relying on overly decorative text and blurry images to distract you. In addition, these pages may contain grammatical irregularities.
   

Lack of Conventional Pages

Authentic websites for businesses, government entities, and nonprofits usually feature “About Us” and “Contact Us” pages with additional information. Websites without these supporting pages aren’t providing sufficient information to earn consumers’ trust. If the website does list a phone number, call it to verify that it’s for a real business.
   

     

HOW TO AVOID FAKE WEBSITES 

Fake websites aren’t going away anytime soon, but you can quickly identify and sidestep them with these tips:
  

Examine the Domain Name

As noted earlier, scam websites pose as government or business websites. Because most websites end in .com and .gov, scam websites have additional letters before or after the traditional domain names. In addition, scammers will set up .net or .org websites because they are rarer for commerce sites. If you’re suspicious, you can verify who created a domain through a checker site like the WhoIs directory.
   

Pay Through a Secondary Payment Method

Paying by credit card or a payment app protects your banking information and puts a layer of security between you and the websites you use.
  

Don’t Believe Preposterous Deals and Offers

Guarantees of thousands of dollars for a few minutes of work or unrealistically cheap video game consoles and smartphones are reliable indicators of a fake website. Likewise, promises and deals that seem out of this world are likely scammers baiting you into sending money or personal information.
  

Ask the Rest of the Internet

Fake websites usually don’t keep their disguises for long. Website users’ ability to report, review, and discuss online scams means that a quick web search can reveal a site’s legitimacy. If you don’t find negative reviews, use the other tips in this list to ensure the website is authentic.
  

Prioritize Security

The padlock icon next to a website’s name in your browser indicates that the site has a Secure Sockets Layer (SSL) certificate, a crucial indication of website security. It’s recommended to avoid interacting with websites lacking the padlock icon. In addition, genuine websites usually have the company’s name after the domain name. Further, it’s best to avoid clicking links you are not familiar with. Instead, type in domain names or store frequently visited websites as bookmarks. Lastly, you can also use security software like AAA’s Identity Theft Monitoring Tool while browsing websites.
  

What To Do if You’re a Victim of a Fake Website 

Because of the widespread nature of fake websites, it’s possible to accidentally fall for a scam. If this happens, you can mitigate the effects of online monetary and identity theft by taking the following steps:
   

1. Don’t continue messages, correspondence, or phone conversations with the scammer.
   
   
2. Contact your credit card company, bank, or other financial institution to cancel payments and outgoing transfers.
   
   
3. Close the credit cards involved in the incident.
       
4. Change your login credentials (passwords, etc.) to online sources of personal information like your bank, credit card, and email accounts.
   
   
5. Call the three major credit bureaus - Equifax, Experian, and TransUnion - and freeze your credit (you can unfreeze it later when you know you’re safe from the scammer).
       
6. Report the fraudulent activity to relevant entities, such as the Bureau of Consumer Protection within the Federal Trade Commission (FTC).