How to spot an unsafe website in 5 simple steps

Despite improvements in cybersecurity, more than half of all internet users worldwide have experienced some type of cybercrime.
Cuba Internet plans
The consequences of visiting an unsafe site can range from getting unwanted software that will slow down your device to having all your money drained from your bank account.

So, how do you know if the website isn’t safe?

Here are some things you can check on the website to make sure it’s legit.

First of all…trust Google

Google is constantly checking for suspicious, unsafe, or dubious sites.

Basically, it’s trying to save internet users from getting hacked. Which is nice, isn’t it?

If the site you are about to visit is risky, Google will issue one of the following warnings:

  • This page is trying to load scripts from unauthenticated sources: This means the page does not have HTTPS authentication.
  • The site ahead contains malware: The site may install software on your computer that will steal your data and passwords. This can also be used to extort money from you to avoid having your files destroyed (ransomware).
  • Deceptive site ahead: This means the site is dishonest in some way, perhaps disguising itself as that of a well-known company. It usually means its purpose is to trick you into revealing details that will risk your money or sensitive data being stolen.
  • Suspicious site: It has the signs of a site that tricks or compromises the visitor in some way. It could be designed to spy on you or place malware on your computer.
  • The site ahead contains harmful programs: You may be tricked into installing programs. At best, these will certainly slow down your computer and make browsing difficult. At worst, they may spy on everything you do and steal your passwords and credit card details.
  • Did you mean [site name]?: This message appears if the site you are about to visit has a name that is almost the same as that of a well-known company’s site, and you may be about to be tricked by typosquatting.

Just think of it…

As of May 2022, Google issues about 4.8 million warnings per week about unsafe sites on its search results pages.

However, to be absolutely safe, you need to know the characteristics of an unsecure site, in case you come across one that hasn’t yet been flagged.

Top 5 signs the website you’re about to visit isn’t safe

Visiting a fraudulent or compromised site exposes you to many risks.

It can be infected with malware that will steal your financial data and rob you. Another danger is that it can host fake warnings about viruses.

These will then direct you to bogus tech support services that will charge you for work they have not done.

Here are the main signs to watch out for, when you’re clicking on the website.

#1. URL does not have “HTTPS” at the beginning

Hypertext Transfer Protocol Secure means your data is encrypted. If the first part of the URL is only “HTTP”, then your data is not secure.

While your internet service provider can still see which site you’re visiting if it’s HTTPS, it can’t read any data you enter, e.g. credit card numbers or passwords.

You may have to use sites that don’t have the HTTPS rating, or you may be afraid a HTTPS site has nonetheless been hacked or compromised.

In that case, you can stay safe by getting a VPN download, which will encrypt all your data. In addition to that, it will hide your IP address from all third parties.

#2. Limited payment options

If you visit an e-commerce site that doesn’t offer popular payment options such as Visa and Mastercard, be careful.

All reputable sites will give the option of paying by credit card as well as PayPal, Stripe, and other trusted methods.

Beware of sites that limit payment options to wire payments or cryptocurrency. There is a good chance that your transaction will not be encrypted and you will be exposing yourself to the risk of theft or fraud.

Indeed, the whole site may be designed to enable people to steal from you.

#3. Popups and/or warnings

Warnings about your computer being infected by a virus always mean the site is a front for fake tech support scams or the installation of malware on your device.

Once you get sucked into this kind of scam, it will take a lot of time and effort to reverse the damage and remove any harmful or unwanted software.

Just remember, no legitimate site hosts virus warnings. Once you see one, leave immediately.

Beware also of ads for dubious products and get-rich-quick schemes, which are often used as clickbait by cyber criminals to put viruses or spyware on your computer.

#4. Strange URL or domain name

“” – really?

A favorite trick of scammers and phishing sites is to disguise themselves as legitimate sites by having a web address that’s almost identical to that of a well-known company’s site.

This is called typosquatting. A word may be spelled slightly differently, or the words in the web address may be in a different order.

These sites may be running fake tech support scams, disguising themselves as major IT companies. Others may be posing as well-known e-commerce sites in order to steal your financial data.

When in doubt, always Google the legitimate company and check the URL on the address bar to see if it matches.

No mention of a privacy policy

Most reputable websites have a privacy policy that sets out clearly how your data is collected and what security measures are in place.

In places such as the EU, Australia, and Canada, this is now legally required for all websites, and sites that don’t comply are blocked in these regions.

Most users don’t read the policy, and sometimes even find it a nuisance when they have to click to indicate their consent before they use the site. But its presence is a sign that the site is reputable.

If it’s a trustworthy site, the link to the details of the policy should be on the home page and easy to find.

#5. Website looks old

Changes in web design through the years make it easy to spot a site that’s been around for quite a while without modification or updating.

If the pages look like something from the year 2000, there’s a good chance that security upgrades have also been neglected, and it may be vulnerable to hacking and malware.

What to do if you think you’ve been on an unsafe site

Fortunately, it is getting easier to spot risky sites.

Almost all modern websites are now encrypted and have the HTTPS certification. As of June 2022, the figure is 95 percent, up from 48 percent at the end of 2013.

If you find you have visited an unsafe site, take immediate action to prevent any damage:

  • Have your computer checked for any programs that may have been installed to steal your passwords or other data.
  • Have any suspicious software removed.
  • If you have used any passwords, PINs, or codes since visiting the site, change them immediately.


But it only takes one moment of carelessness to cause that crucial breach that exposes your money and your data to the risk of theft. Always remember that these events usually require the unwitting cooperation of the victim.

By taking the right precautions, you will ensure you never become a victim of cybercrime.