Rawpixel.com // Shutterstock
Written by Fred Decker
How often do you buy something online? A couple of times a month? A couple of times a week? A couple of times a day? Everybody’s answer will be different, but collectively, it’s done a lot: Online retail accounted for over $1 trillion of purchases in the U.S. in 2022 and a record $277.6 billion in the second quarter of 2023 alone.
Retailers ranging from titans like Amazon and Walmart, down to local small-town shops work very hard to land their share of that business. Sadly and inevitably—so do criminals and scammers. At any given moment, they operate millions of bogus sites. So how can you spot those fake online shopping sites? Spokeo provides a guide.
It’s Easy to Create an Online Presence
In the early days of the internet, it took some genuine skills to set up a website, but those days are gone. A quick search will show that there are lots of apps and services offering websites on a prefabricated “fill in the blanks” basis, and most web hosts provide those tools as part of the service when someone signs up with them.
It’s even easier on social media. If you were opening a “side hustle” business tomorrow from your home, you could set up your own Facebook page tonight in under an hour, with exactly zero knowledge of websites. Once that page is set up, you just need to throw a few dollars in the direction of Facebook’s advertising department, and they’ll start advertising your page to users. It’s no harder to promote a website, except in that case, you’d give your advertising dollars to Google.
This is a simplified overview, but the main point holds: Establishing a presence online has become a very democratized process, open to anyone with minimal skills and even the smallest budget for advertising. That’s been a boon for legitimate entrepreneurs, but it also makes life very easy indeed for scammers.
How Bogus Websites Steal Money and Information
There are multiple types of bogus websites. Some are imposters, created to look very much like a legitimate commercial or government site that you’re familiar with, such as Amazon or Netflix. Others don’t imitate a specific site, but instead attempt to capture the look and feel of those sites in general (whether that be a retail site, a government or bank page, or even something relatively shady like a gambling or porn site).
Next, scammers find ways to drive traffic to their site. Often that’s through phishing texts or emails, but deceptive ads on social media or search engines like Google and Bing work just as well. Once a browser arrives at the criminals’ site (or, in some cases, downloads their app), any number of bad things can happen.
One is that they’ll download malware onto your devices, which can capture passwords or steal personal information. A more straightforward risk is that the browser will cheerfully enter their personal and banking/credit card information, thinking they’re making a legitimate purchase. That’s largely why fake online shopping sites are so dangerous, and so useful to scammers and identity thieves.
How Fake Online Shopping Sites Work
Most bogus sites share some or all of those characteristics, but shopping sites are a very specific type of bogus site with some quirks of their own. One characteristic to count on—whether the website directly impersonates a major retailer like Amazon, a niche retailer like MEC, or just positions itself as an anonymously general retail site—is that it will offer unusually low pricing on high-demand products.
That might be a mass-market item like the latest gaming console, a suddenly in-demand item that’s unavailable through normal channels (remember trying to get masks and sanitizing wipes during COVID-19?), or something as mundane as disposable diapers or high-capacity computer drives. Whatever the product, the advertised price will be low enough to get attention.
The bogus site will have any number of ways to transfer a browser’s money to its coffers, depending on the scammers’ intentions and skillset. A few of the most common include:
- Products that are damaged, refurbished, low-quality fakes, or otherwise not as described (and therefore, not worth nearly what was paid for them).
- Products that never arrive at all after they’ve been paid for (this is the most common variation.)
- Hidden fees, surcharges, or shipping charges that dramatically inflate the price of the (usually substandard) product.
- Charging a “restocking fee” before processing a refund or return (which, of course, they subsequently don’t do).
These are all aside from the potential to infect devices or steal payment information. Sites focused on identity theft might consider a faux purchase to be just the added gravy.
Fake Online Shopping Sites are a Big (and Year-Round) Problem
How common is online shopping fraud? Well, the news is pretty bad. The FTC’s 2022 Consumer Sentinel Network Data Book recorded over 327,000 online shopping complaints, the fourth-highest category for overall complaints and second among fraud categories.
You would expect these sites to be more prevalent during the final quarter of the year, corresponding to the holiday gift-giving season—Black Friday, Cyber Monday, and Christmas itself—and they are, but that doesn’t mean you can relax during the other nine months of the year. The Anti-Phishing Working Group, or APWG, identified nearly a million fake or phishing websites during the first quarter of 2022 alone (not a busy time of year for shopping), for example.
To be clear, only 14.6% of those were eCommerce sites, but that still translates to well over 140,000 bogus shopping sites. The true number is almost certainly higher because the APWG only tracks the ones that use a phishing approach. Many opt to simply buy advertising instead (or as well), and those won’t be captured in the APWG’s statistics. However you slice it, there’s a definite risk of encountering these sites when you shop.
Recognizing Fake Online Shopping Sites
The good news is that bogus shopping sites aren’t hard to spot, once you’re aware of the risk. They aren’t built for permanence; scammers pull them together quickly and cheaply and then abandon them once they stop producing.That “just good enough” approach leaves plenty of visible signs you can detect.
Below, here’s what to look for when recognizing fake online shopping sites.
Bad images
Bogus sites don’t have direct access to the real products’ manufacturing images, so they resort to copying and pasting from legitimate sites. \That means bogus sites’ product images (and often their fake logos, if they impersonate a legitimate site) are fuzzy and low-res.
A URL that’s slightly “off”
Imposter sites obviously can’t have the same URL as the legitimate site, so they’ll usually have a URL that looks right, but isn’t quite. They might have a typo in the name, or incorporate the real company’s name into their URL in a non-standard way (“myfakesite.amazon.com.123xyz.com”), or—sneakiest of all—use a letter from a different language’s character set, which looks the same to the eye, but not to the computer.
Broken links
The scammers may have simply copied and pasted user interface elements from a legitimate site, in which case many links on the site may be broken (or simply not clickable).
Lots of missing elements
A legitimate retail website will have several pages of legalese, often starting with a pop-up about its cookie policy or privacy policy. You should certainly expect to see a detailed document spelling out shipping policies, return and refund policies, and similar details. If those are missing or brief and vapid, it’s probably a fake site.
Limited options for payment
Sites that plan to take your money and run will often show oddly specific payment options, from wire transfers to gift cards to cryptocurrency. The thing those payment methods have in common is that it’s very difficult to get money back once it’s spent. Sites geared around capturing your personal or payment information, on the other hand, may insist on getting your credit card.
Typos, grammar, and linguistic errors
Simple, silly language errors are often a red flag. Scammers may not be native English speakers, and it shows up in awkward or sometimes inappropriate phrasing. Errors in actual product listings aren’t necessarily a smoking gun—you’ll see them frequently on real Amazon pages—because they come from the manufacturers, who are often not English speakers. Language errors on the rest of the site are more of a concern.
HTTP vs. HTTPS
In the address bar of your browser, a legitimate retail site’s URL will start with HTTPS, rather than HTTP, and will show a closed lock symbol. The majority of fake sites now also have an HTTPS URL and will show the lock (so this isn’t as helpful as it used to be), but less-sophisticated scammers may miss that detail. You can automatically rule those ones out.
And, of course, the biggest red flag of all is an unrealistically low price on the product you’re looking for. We all want to get a really good deal, but that impulse will often lead you astray.
What to Do if You Think a Shopping Site Is Fake
If a shopping site fails those basic “eyeball” tests, the smart thing to do is just close that browser tab and walk away. If you want to dig deeper, or if you aren’t sure, there are a few quick and easy ways to verify a site’s legitimacy.
Use a URL/website checker
Remember those really sneaky fake URLs that use a letter from another alphabet? The best way to check those (and other problematic elements in a URL) is through a URL verifier/website reputation service, like the ones from URLVoid and Google. Just copy (don’t click!) the link, and paste it into the checker. If the site is sketchy, they’ll tell you.
Look up the site on a registry
Domain names all need to be registered and there are several lookup tools to check this, like ICANN’s registration lookup (think of it as Spokeo for websites). If a site claims to be Amazon but was registered just a few weeks ago, that’s a really big red flag. Similarly, if the site isn’t located where it should be, or if the ownership data is obscured, that’s grounds for concern.
Turn to Google
If you have a bad feeling about a particular site, do a quick Google or Bing (or whatever) search that pairs the site’s name with keywords like “scam,” “fraud,” “bogus” or “ripoff” and see what comes up. If you get a lot of hits, that’s definitely grounds for concern.
Go Forth and Shop (Safely)
If a given site fails any or all of those tests, then keeping your wallet in your pocket is definitely the smart choice. Instead of making the purchase, report the site instead to the FBI’s Internet Crime Complaint Center and the FTC’s Report Fraud website. That will get the investigative wheels turning and may help protect someone less wary from falling victim to the scammers.
As always, wariness and skepticism are your friends when it comes to avoiding scams. Don’t click on links in emails, texts, or social media messages; instead, go to the company’s site by typing the URL directly. If you search a company’s page on Google, scroll down through the actual search results until you find it instead of clicking on the sponsored results or advertisements at the top. Most of all, remember the golden rule of scam avoidance: If it seems too good to be true, it probably is.
Keeping those principles in mind, and using the tips given here to screen out dubious sites means you’ll be able to shop ’til you drop (safely), despite the vast number of scammers out there. And that—as the credit card ads like to say—is priceless.
This story was produced by Spokeo and reviewed and distributed by Stacker.