How to check if a website is legit

HomeBanking › How to check if a website is legit

Going digital has no doubt made our lives easier. It is easier to work online, collaborate with others, and use the internet for essential, and non-essential, tasks including online banking. However, the internet is also a hotbed for cybercriminals.

From phishing to fake websites, online scams have become so sophisticated that it can be hard to verify what’s fake and what’s real. Scammers sometimes even use trusted search engines like Google to appear authentic, making it increasingly important to be aware of signs that help you check if a website is legit. On this page, you’ll learn how to verify website authenticity, discover important terms you need to know for cyber security, and learn more about safe online banking.

How to check if a website is legitimate

Here are some points to think about if you find yourself wondering, “Is this a scam website?”:

  • Check the website URL
  • Verify the trust seal and logo
  • Ensure a safe network connection
  • Check for spelling and grammar in the content
  • Research the domain ownership
  • Use Google’s safe browsing tool
  • Read reviews and feedback


1. Check the website URL


When you want to know how to check if a website is safe, pay careful attention to the URL at the top of your browser. While some fake URLs are easy to spot, others might be hidden or changed to appear genuine. A simple method to identify if a site is malicious is by highlighting the entire URL, copying, and pasting it into the search bar of a new tab. Before hitting ‘enter’ to search, review the URL once more. This process may reveal the unaltered URL, exposing any manipulations that were made.


2. Verify the trust seal and logo


E-commerce websites, where you shop or make payments, often feature ‘trust seals’ on payment or sensitive information pages. Clicking on these seals will take you to the seal provider’s website to verify website authenticity. Or, you can directly visit the seal provider’s website to search for the specific website’s legitimacy. Click here to see a complete list of trust seals.


3. Ensure a safe network connection


Verifying a secure connection is a simple yet crucial step to ensure that your communication with a website’s server remains encrypted and safe. This means all information is shielded from third parties and fraudsters. To do this, click on the padlock icon in the URL bar; on Apple devices, select ‘Show certificate’, while other browsers offer ‘Security’ or ‘More information’ options to access the certificate.

If you’re directed to a website that doesn’t have ‘https://’ in the URL, and asked for personal information, you should exit immediately, since the website doesn’t have proper security measures in place.


4. Check for spelling and grammar in the content


Normally, trusted and secure websites have high quality content with proper syntax and grammar. Hackers will hastily scrap together a website to make money without paying attention to the details. You can often spot errors in grammar and spelling on these fake websites. Make sure to check for two things in particular: if the text is threatening, creating a sense of urgency, asking you to do something immediately, or if the text appears too good to be true.

For instance, unfamiliar websites that offer savings accounts with higher-than-average interest rates might not be legit, or at least require additional scrutiny.

It’s important to exercise caution when it comes to online transactions. If you encounter a website that seems carelessly put together with bad grammar and spelling, you can even call your bank to verify its authenticity.


5. Research the domain ownership


Every domain owner is required to register their web address or URL. This helps you check domain ownership easily on a website like You can have a look at the individual or organisation behind the website for extra security. If you’re not able to find the ownership of a domain, and it appears fishy, then it probably is. It can mean that the owner does not want to be found.

6. Use Google’s safe browsing tool


Google’s helpful safe website checker, the safe browsing tool, is the easiest way to check a website for risk and make sure it’s not a scam. You simply have to copy and paste the website URL in the ‘search by URL’ box and hit enter to get the results.


7. Read reviews and feedback

Another way to detect scams online is by reviewing feedback and what others have to say about the website. Trusted websites such as Trustpilot gather reviews from previous customers to help you decide whether a website is legit. Some reviews even warn you against possible scams and inconsistencies, so you can make informed decisions. As in other cases, it’s best to be cautious, as some websites will put up fake reviews to build a false sense of security. Be wary of reviews that are all new, repetitive, and are badly written.

Remember to ask yourself, “is this a scam website?” if a website seems dodgy or makes you suspicious, and go through the checklist above to verify its authenticity.

What if I accidentally visited a malicious website?

If by any chance you end up on a malicious or fraudulent website, it is important that you don’t click anywhere or engage with it in any way – not even clicking on the back button. You should close the browser immediately and clear your cache and browsing history.

Find out how to clear your cache and browser history in case you land on a scam website.

How to avoid scam websites

The first step to protect yourself from fraudulent websites is to install an antivirus software on your devices. Consult an IT specialist before purchasing the software to make sure it’s from a trusted provider. By taking active steps to search safely on the internet, you can avoid scam websites more efficiently.

Remember, phishing and other scams can also be avoided with just a bit of due diligence. Don’t click on spammy links in emails, ads on suspicious websites, and report spam whenever possible.

Is banking online with Raisin Bank safe?

Yes, online banking is generally safe since many banks have encryption and multifactor authentication in place to secure their websites and ensure that your data is protected.

At Raisin Bank, we follow stringent protocols to ensure that both your money and credentials remain secure. The Raisin Bank website is protected by industry standard SSL Secure Sites Certificates to ensure any data you share with us is encrypted and therefore cannot be read.

Learn more about how we protect your data and keep our website secure.

Important cyber security terms you need to know

Here are some important cyber security terms, abbreviations, and technical jargon you need to know to help you check if a website is safe.

What is HTTP?

HTTP stands for Hypertext Transfer Protocol. It’s a fundamental protocol used for transferring data and information online. It enables the loading and communication between web pages through hyperlinks. You may also find ‘HTTPS’, which is an extension of HTTP and means that your connection is secure (see the section on SSL below).

What is a URL?

A URL, or Uniform Resource Locator, is a web address at the top of the webpage that identifies its location on the internet. It consists of various components like the protocol (such as “http” or “https”), the domain name (like “”), and the path (such as “/page”). URLs are used to access web pages, files, images, and other online content.

What is the domain name?

The domain name is a component of the URL that acts as a sort of ‘nickname’ for the complete web address. It’s the recognizable part, often the website’s name or a variation, which helps identify the site.

What’s an IP address? 

An IP (Internet Protocol) address is a unique identifier that sets individual internet users apart. Your home internet router also has its own IP address, disclosing its location. To discover your personal IP address, you can search ‘what’s my IP address?’ on a search engine like Google.

What is SSL? 

SSL stands for Secure Sockets Layer, and it was a commonly used cryptographic protocol for security. It was succeeded by TLS (Transport Layer Security) in 1999. While TLS is essentially the same, many still refer to it as SSL. This technology establishes a secure channel between devices over the internet or a network. The change from HTTP to HTTPS in a web address indicates the addition of security, where the ‘S’ stands for ‘secure’.

What is phishing? 

Phishing is one of the most common methods cybercriminals use to acquire sensitive data like passwords, bank details, and credit card information. They employ tactics like spammy emails and ads to direct you to fake websites that look genuine. These websites trick you into entering personal information, which the fraudsters then exploit and misuse.

What is malware?

Malware refers to malicious software that cybercriminals use to trick people and obtain their personal data, like bank information, for financial gain. Malware can be in many forms, including:

  • Email attachments
  • Advertisements on reputable websites
  • Deceptive software downloads and installations
  • Corrupt USB drives
  • Corrupt apps
  • Phishing emails
  • Suspicious text messages

Want to know more about savings?

Subscribe to the Raisin newsletter to...
  • Be the first to find out about market-leading rates
  • Receive exclusive account holder-only offers
  • Keep your finger on the pulse with the latest money news