man browsing on a website
3 minute read  

In today’s day and age, the internet is a great way for businesses to reach their customers, and vice versa. It’s quick, efficient, easy, and allows for a lot more growth opportunities. However, the rise of e-commerce also allows for the rise of cyber crimes and fraud.

In 2021 alone, 104,295 Canadians were reported to be victims of fraud. This resulted in a loss of more than $370 million. To protect yourself and your business from fraud, it is extremely important to practice website safety while online.

Here are five steps that you and your employees can follow while online to determine whether a website is legitimate or is a scam.

1.  Check whether the website has a privacy policy

Canadian companies are required by law to have a privacy policy on their website. This is so consumers are aware of how their personal data is stored, collected, protected, and used. If a company does have a Privacy Policy on their website, this is a good sign that they care about their customers and their data, and that they are compliant with business laws.

However, having a Privacy Policy doesn’t guarantee that a website is not fraudulent. Fake websites may use Privacy Policies to make their company seem more legitimate. This is why it’s important for you to make sure to read the Privacy Policy carefully, and ensure that it appears to be authentic and accurate.

2.  Verify the URL

A website’s URL can tell you a lot about a website’s legitimacy. When reading the URL, look to see if it includes a lock symbol at its start. Also, check to see if it has a standard “HTTP” or “HTTPS” in its hyperlink. Both of these indicators mean that the connection is secure. This unfortunately does not guarantee that a website is legit, but it shows that the company has taken the effort to ensure that it has a secured encryption process in place. This can make them appear more credible and trustworthy to customers.

It is also important that you double check the URL when entering a website. URLs can be manipulated and designed to appear as other websites. To check for the actual URL, copy and paste it directly into another browser, and the real URL will appear.

3. Confirm the domain name and age

The domain itself can be a great indicator of whether you are visiting a legitimate website. Thankfully, domain information is available for anyone to view. There are many databases you can use, including Who.Is and Lookup.Icann.

It is required of all webpages to have a registered domain name – check to see if the registered person’s name is the same as the company. If not, this could be a red flag. It is also important to check the date that the domain was registered. Fraudulent websites tend to have a shorter lifespan then legitimate ones, as they get shut down quite frequently. As a general rule of thumb, the more recently the domain was registered, the more likely it is a scam.

4. Inspect the contact page

Perusing a website’s contact page is also a great way to gauge if it could potentially be a non-trustworthy website. See how many different contact methods are listed. The more methods that are listed the less likely that it is a scam. For example, if a website only has a fillable form as its means of contacting the company, proceed with caution. However, if a company lists their physical address, phone number, fax, email, social media accounts, and has a live service chat, they are probably a legitimate company.

If you want to take extra precautions, look into the actual contact information itself. Try sending an email to the address that is listed and see if it gets delivered, or try calling the company phone number to see if anyone picks up. You can also search the address listed on Google Maps to see if it’s a legitimate office location.

5. Look for any spelling and grammatical errors

Generally, communications from legitimate companies will be professional in tone and have very few spelling and grammatical errors. Typos can and will happen on any website. However, an excessive amount of typos can mean it was  written in a rush and should be a red flag.

Protect yourself and your business with cyber risk insurance

Cyber crimes are getting more sophisticated each and every day. Unfortunately, no matter how educated you are on the signs of fraud and cyber crime, you may still fall victim to a cyber attack. Our team is available to work with you to ensure that your policy addresses your own individual cyber risks. Visit our cyber risk and data breach coverage page to find out more!

This blog is provided for information only and is not a substitute for professional advice. We make no representations or warranties regarding the accuracy or completeness of the information and will not be responsible for any loss arising out of reliance on the information. Terms, conditions and exclusions apply to coverage. See policy for details.