Facebook Online Social Media

How can I tell if a website is fake?

If you’ve spent any amount of time on Facebook, you’ve probably seen various links to “pop up” websites selling Ray-Ban sunglasses with an 80% or greater discount. But how can you tell if these websites are fake, or otherwise?

Yesterday, my sister mentioned a site selling Lego sets with a massive discount that was shared with her on, yes, Facebook. Let’s use that as an example and see what things you can look for. 

Step 1 – Is it too good to be true?

Up to 80% off current Lego sets? Brand-new Lego sets, many of which have just come out but are supposedly part of a “clearance”? Sounds too good to be true? It probably is.

But I’d never make a decision based solely on this because, sometimes, there are genuine offers that fall into this category. At the very least, at this stage, alarm bells should be ringing in your head.

Step 2 – Does anything unusual stand-out on the site?

Let’s look at the site in question.

  • First of all, that domain – leadmoonen.com. Odd name and totally unrelated to Lego.
  • The odd domain name isn’t reflected in the site’s logo. It’s using the Lego logo instead but appears totally unofficial.
  • At the bottom of the page are social media links but none of them work. Additionally, the “Verisign Secured” logo should link to a confirmation page but, again, there isn’t a link.
  • Poor English. “Please allow 5-10 business days for delivery of your hands”??

Step 3 – Check their security

This is a retail site so, at the very least, you’d expect SSL: that’s where the site begins with ‘https’ instead of ‘http‘, and means that the site data is encrypted. That’s key because it keeps all of your transaction (and financial) data secure. In the case of this site, there is no SSL…

Even if this site was legit, I wouldn’t touch it, no matter how good the discount was. 

Step 4 – Look them up

Are people talking about the site on Twitter? Can they be found on Google? What’s being said? Obviously, if you see people reviewing the site positively then, assuming you trust those reviews, then you may want to trust the site.

For this site, there is nothing on either Twitter or Google. How can a website not be on Google? To answer this, I checked the site’s robots.txt file – this is a file that a website can use to tell search engines what to index and what not to. For this site, it can be found at http://leadmoonen.com/robots.txt and consists of the following…

User-agent: *
Disallow:  /

The first line tells search engines whether it applies to them or not. In this case, the asterisk means it applies to everyone. The next line indicates to disallow everything (i.e. not index it). So it’s telling all search engines to ignore the site. Why would you want to do that unless you have something to hide?

But, let’s go back to Facebook. Even though I couldn’t find this website, a quick search of “Lego 80% discount” quickly found identical, and equally bizarre named, sites. And some people HAD fallen for them.

This is total scam. I though I bought he Ghostbusters firehouse headquarters a 4000+ set and they shipped me a 46 piece set and then wanted me to pay more money to fix the issue and not they will not credit my card the $91 they charged me saying they can only give me back 15 20 35% and this only went up after 5 emails to them. DO NOT BUY IT IS A SCAM

David Barton, Facebook

Step 5 – Use ScamAdvisor

ScamAdvisor is a rather splendid site that will analyse a site for potential tell-tale signs of it not being genuine. ScamAdvisor has little good to say about our site.

Step 6 – Who’s behind it?

There is further research you can do on a website, and that’s looking at the registration of the domain. This kind of search is known as a WHOIS lookup, and the results for this domain indicate that it was registered in China on 17th September (13 days ago, at the time of writing).

The date is relevant. Consider how genuine web retailers would work – a domain would be registered first, to ensure it can be secured, before building your brand, and website, around it.

Either they created this within 13 days or grabbed a random domain after the website was already created. Based on the near-identical websites that I came across when searching through Facebook, the latter seems the most likely and would suggest an identikit website being launched, possibly after a takedown of the original.

About the author

David Artiss

Works for Automattic Inc., the company behind WordPress.com and Tumblr. Tech geek, international speaker and occasional PC Pro podcaster. Lover of Lego and video games.

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.