One type of common scam involves fraudulent websites that impersonate legitimate sites in an attempt to trick users into downloading malware or divulging sensitive information such as a credit card. These sites will impersonate banking sites, popular commerce sites like Amazon or eBay, or well-known brands like Apple. Fortunately, there are several signs to look out for to recognize these harmful sites.

One warning sign is a too-good-to-be-true deal or a call to urgency. Any site promising a massive discount on your order now, that you’ve won a new iPhone if you just pay for the shipping, or that you have a virus and need to contact tech support right now are all common types of scam websites.

Another red flag is an unprofessional-looking website. A company as large as Microsoft will have its pages thoroughly edited, so if a site claiming to be Microsoft is riddled with grammatical errors or broken English, you should be wary. This kind of low-quality mistake is another sign that the site isn’t legitimate.

Something else to look out for is the URL. A legitimate site with usually have a locked padlock symbol beside the URL and include https over http. Scammers will often try to secure a similar-looking URL hoping you don’t notice the difference. They may change out a single letter or swap symbols that look similar. They may do something like amaz0n.com, amazom.com arnazon.com for example.

Another indication that a site is fraudulent is a suspicious domain age. There are sits available to pull domain registration records on any site. A scam site is likely to be only a few weeks or months old, while the real version has likely been registred by the company for quite some years now. For example, Google, Apple, Amazon, eBay, and Microsoft registered their domains back in the 90s or even 80s.

While fraudulent websites are a common issue, there are many indicators to detect and avoid them.