Top tips is a weekly column where we highlight what’s trending in the tech world and list ways to explore these trends. This week, we’ll look at how you can spot the red flags of phishing traps, avoid those traps, and keep your personal information safe from scammers.
Has this ever happened to you? You’re scrolling through social media and stumble upon an incredible deal—branded sneakers at 80% off. You click the link, and everything looks legit. The product images are sharp, there are glowing reviews, and the checkout page even has a security lock symbol. Excited, you enter your details, hit “Buy Now,” and then… nothing.
You wait as days go by, yet your order never arrives. Worse, your credit card statement shows mysterious charges from sites you’ve never visited.
Congratulations! You’ve just been scammed.
Fake websites are everywhere, lurking in social media ads, emails, and search results. The trick? They look real. But there are always red flags—if you know where to look.
Let’s break down how to spot these sneaky scams before they empty your wallet or steal your data.=
1. Inspect the URL
Scammers rely on people skimming over links rather than reading them carefully. They use small or reasonable-looking changes to trick you.
For instance: would you notice the difference between amazon.com vs. amaz0n.com or paypal.com vs. paypal-secure.com?
When in doubt, a good trick is to copy and paste the URL into a plain text editor. Sometimes, scammers use hidden characters that only show up when pasted elsewhere. Another trick is to use a search engine to confirm whether a domain name belongs to the expected site.
2. Check for HTTPS—but don’t rely on It
Once upon a time, seeing a padlock symbol in the browser bar meant a site was safe. Not anymore. Scammers now use basic HTTPS certificates to appear trustworthy.
Instead of trusting the padlock at face value, take a closer look. Click on the padlock symbol and inspect the certificate details. Legitimate businesses usually have extended validation (EV) certificates, which require thorough verification. On the other hand, scammers often settle for cheap and easy-to-obtain domain validation (DV) certificates.
3. The too-good-to-be-true deals
If a website is offering luxury watches, iPhones, or designer bags at 90% off, take a step back and take a deep breath. Scammers want you to act fast before you have time to think.
You might be familiar with urgent messages like “Limited Stock” or “Flash Sale – Ends in 10 Minutes!” flashing across the screen. These tactics are designed to trigger impulsive decisions, making you feel like you’ll miss out if you don’t make a purchase right away. Legitimate sales (usually) don’t operate this aggressively. Pause, take your time, and do your research.
4. Read the fine print (or lack of it)
Have you ever visited a website and found the “About Us” or “Contact” pages to be filled with generic information or, worse, completely missing? That right there is a major red flag. Here are a few things you should look out for:
-
No physical address, or vague terms like “Global Warehouse.”
-
Generic email addresses like support123@gmail.com instead of something linked to the business domain.
-
Take a quick look at the privacy policy. A trustworthy site will normally link to its privacy policy at the bottom of each page. If there’s no policy, or the language seems unclear or vague, it’s best to be cautious.
5. Look for spelling and grammar errors
“Your acount has been blocked due to unusal actiivty. Plase click here to verify.”
Read that sentence again. If you catch errors, stop and reconsider before clicking any links. A good habit is to read the content out loud.
Legitimate companies invest in professional websites. Scammers, on the other hand, often rush to put up pages with sloppy text.
Final thoughts: Trust your gut
Fake websites are getting smarter, but so are you. The biggest mistake? Trusting too fast.
Take a few extra seconds to scrutinize the URL, check for suspicious details, and question deals that seem too good to be true. That small effort could save you from losing money, getting hacked, or handing over sensitive data to scammers.
The rule of thumb? If something feels off, it probably is.
