Online fraud losses exceeded $10 billion in 2025. The average victim lost $1,500. Most could have prevented it with checks that take under 60 seconds. This article is those checks. Do them in order. Skip none.
1. Verify the Domain Before You Click Anything
Scammers register domains one character off from real sites. amaz0n.com. paypa1.com. app1e.com. The visual similarity is intentional. Your brain autocorrects. Your browser does not.
Check: Look at the address bar. Is the spelling exact? Is the TLD correct (.com vs .co vs .net)? Does it have HTTPS? The lock icon is not enough — HTTPS only means encrypted, not legitimate. A scam site can have HTTPS.
Red flag: Domains with extra words (amazon-deals-today.com), hyphens in unexpected places (secure-pay-pal.com), or country codes on non-country sites (amazon.ru for a US shopper).
Stop — Verify
I nearly entered my credit card on “nike-discounts-store.com” during a rushed lunch break. The logo was perfect. The prices were 40% off. The domain was wrong. I checked because I was trained to check. The real Nike site was nike.com. The discount site was harvesting cards. I lost 30 seconds. I could have lost $800.
2. Inspect the Site’s Age and Reputation
New sites are not automatically scams. But scam sites are often new. They appear, operate for weeks, vanish, reappear under a new name.
Check: Use who.is or whois.com to see when the domain was registered. If it’s under 6 months old and claims to be an established retailer, be suspicious.
Check: Search “[domain name] + scam” or “[domain name] + review.” Real reviews accumulate over time. If the only results are the site’s own testimonials or nothing at all, retreat.
Check: The Better Business Bureau, Trustpilot, or SiteJabber for complaint patterns. Not individual complaints — patterns. Every legitimate business has unhappy customers. Scams have consistent reports of non-delivery, fake products, or card theft.
3. Analyze the Deal Rationally
50% off is possible. 70% off is rare. 90% off is almost always a trap. Scammers use extreme discounts to override judgment. The emotional math — “I’m saving $200” — blocks the rational math — “This product costs $40 to make, how are they selling it for $20?”
Check: Compare the price on the official brand site, Amazon, and one other major retailer. If the deal site is dramatically lower, ask why. Liquidation? Counterfeit? Bait-and-switch? Never complete the purchase without answering this question satisfactorily.
Check: Shipping costs. Scam sites often advertise low product prices and hide inflated shipping fees. A $15 item with $25 shipping is a $40 item with a psychological trap.
Warning — Too Good
A “luxury watch” for $89. A “designer handbag” for $35. A “gaming laptop” for $199. These are not deals. They are hooks. The product is counterfeit, nonexistent, or a completely different item than pictured. The $89 watch arrives as a $3 plastic band. The laptop is a brick in a box. The bag never ships. Your money is gone. Your chargeback takes 60 days. The scammer is already on a new domain.
4. Examine Payment Options Closely
Legitimate sites accept credit cards. Scam sites push you toward irreversible methods: wire transfers, cryptocurrency, gift cards, Zelle, Venmo “friends and family” payments. These have no buyer protection. Once sent, the money is gone.
Check: Does the site accept major credit cards (Visa, Mastercard, Amex, Discover)? If yes, you have chargeback rights. If the site only accepts PayPal, that’s acceptable — PayPal has buyer protection. If the site pushes you off-platform to pay directly, refuse.
Check: Does the checkout page URL match the site URL? Scammers sometimes redirect to a third-party payment processor that looks legitimate but is controlled by them. The domain should be consistent throughout.
| Payment Method | Buyer Protection | Scam Risk |
|---|---|---|
| Credit card | Strong — chargeback rights up to 60 days | Low |
| PayPal | Moderate — dispute process exists | Medium |
| Debit card | Weak — direct bank account access, slower dispute | Medium-High |
| Wire transfer / Zelle / Venmo F&F | None — irreversible | Extreme |
| Cryptocurrency | None — irreversible, anonymous | Extreme |
| Gift cards | None — irreversible, untraceable | Extreme |
5. Test Contact Information Before You Buy
Legitimate businesses want you to reach them. Scam businesses hide or fake contact information.
Check: Is there a physical address? Verify it on Google Maps. Does it look like a warehouse, office, or residential home? A “business” operating from a suburban garage is not necessarily a scam, but it is not a established retailer either.
Check: Call the phone number. Does someone answer? Is the hold music the same generic track used by ten other scam sites? Do they know basic details about the company? A disconnected number or endless ring is fatal.
Check: Email the support address with a question. How long until response? Is the response coherent, or clearly templated and evasive? No response within 24 hours during business days is a warning.
Verify — Contact
I emailed a “customer service” address before a $200 purchase. The response arrived in 4 minutes. It was generic, ungrammatical, and did not answer my question. I searched the response text online. It appeared verbatim on six other “retailer” sites. Same template, different logos. One shared support team running multiple scam fronts. I did not buy. The $200 stayed in my account.
6. Read the Return Policy for Traps
Scam sites copy return policies from legitimate retailers. But the details reveal them.
Red flags:
- Returns only accepted within 7 days of delivery (legitimate sites usually allow 30)
- Return shipping must be paid by customer to an international address (often China)
- Restocking fees of 30% or more
- No refunds — only store credit or exchanges
- Return address different from shipping address
- Policy requires “original packaging” for items that arrived damaged
Check: Search the return policy text. Scammers reuse the same policy across multiple sites. If identical language appears on unrelated domains, both are likely scams.
7. Use a Virtual Card or Single-Use Number
Your bank or credit card issuer may offer virtual card numbers — temporary digits linked to your real account, usable for one purchase or one merchant. If the number is compromised, it cannot be used elsewhere. You cancel it without replacing your physical card.
Check: Citi, Capital One, and Apple Card offer this natively. Privacy.com works across banks. If your card does not support virtual numbers, use PayPal as a buffer — the merchant never sees your card.
Never save your card on a site you do not fully trust. One-click convenience is not worth the exposure. Type the number each time. The 30 seconds of friction is protection.
Protect — Isolate
I use a separate debit card for online purchases only. It is not linked to my primary checking account. It holds $0 until I transfer funds for a specific purchase. If a site is compromised, the card is empty. The thief gets nothing. The bank account is untouched. This is not paranoia. It is compartmentalization. The same principle that keeps ships from sinking when one compartment floods.
8. Monitor After Purchase
The scam does not end at checkout. Some sites charge your card, ship nothing, and delay until the chargeback window closes. Others sign you up for subscriptions hidden in terms of service.
Check: Set a calendar reminder for 14 days after purchase. If nothing arrived, initiate a chargeback immediately. Do not wait for “processing delays” or “shipping issues.” Delays are stalling tactics.
Check: Review your card statement weekly, not monthly. Small test charges — $1 or $0.50 — often precede larger fraud. Scammers verify the card works before the main hit.
Check: Search your email for the company’s name plus “subscription” or “recurring.” Some scams bury monthly charges in welcome emails you did not read. The $19.95 monthly fee appears 30 days later, after you forgot the purchase.
9. Know Your Exit Options
Before you complete any online purchase, know exactly how you will recover if it goes wrong.
- Credit card: Call the number on the back, request chargeback, provide documentation
- PayPal: Open dispute within 180 days, escalate to claim if unresolved
- Debit card: Contact bank immediately, dispute process slower, less protection
- Wire transfer: Contact bank, but recovery is unlikely; file FBI IC3 report
Documentation to save: order confirmation email, screenshot of product page, screenshot of payment page, any communication with seller. Store these in a dedicated folder. You will not remember details two months later when the dispute begins.
Document — Always
I screenshot every checkout page before clicking “Place Order.” Every time. It takes 10 seconds. The screenshot has saved me twice — once when a site changed the product description after I ordered, and once when a site claimed I agreed to terms I never saw. The image was timestamped evidence. The disputes were resolved in my favor. Documentation is not obsessive. It is insurance.
10. Trust Your Discomfort
The final check is not technical. It is biological. If something feels wrong — the site is slightly off, the deal is too convenient, the pressure is too high — stop. Close the tab. Walk away. The item will still exist tomorrow. Your money may not if you proceed against instinct.
Scammers engineer urgency. “Only 2 left!” “Sale ends in 10 minutes!” “Someone in your area just bought this!” These are pressure tactics. Real scarcity exists, but it does not require panic. A legitimate 24-hour sale will still be there in an hour after you verify.
Final Rule — Pause
No purchase is so urgent that you cannot sleep on it. The scammer’s power is your impulse. Remove the impulse and the scam collapses. If the deal is real, it will be there tomorrow. If it is not, you have saved yourself money, time, and the administrative hell of recovering from fraud. Pause. Verify. Then decide. This is the only rule that matters.
Related Articles
- Signs a Website May Not Be Safe for Payments — The checklist above covers behavior. This article covers the technical signals a site displays before you even reach checkout.
- Easy Ways to Detect Suspicious Emails and Avoid Scams — Scam sites often arrive via email links. This guide helps you recognize dangerous emails before you click.
- Fixing Weak Password Habits for Better Security — Shopping accounts need strong passwords. This article shows how to build them without frustration.
- Setting Up Two-Factor Authentication for All Your Accounts — Your shopping accounts are targets. 2FA prevents takeover even if your password leaks.
- Staying Safe on Public WiFi While Traveling — Shopping on public Wi-Fi adds risk. This guide protects those transactions when you’re away from home.
- A Simple Cyber Safety Routine for Everyday Protection — The checklist above is part of a broader daily security habit. This guide connects the pieces.
Sources and References
- Federal Trade Commission. “Consumer Sentinel Network Data Book 2025.” ftc.gov — Official fraud loss statistics and trending scam categories.
- Federal Bureau of Investigation. “Internet Crime Complaint Center (IC3) Annual Report.” ic3.gov — Law enforcement data on online fraud patterns and recovery rates.
- Better Business Bureau. “BBB Scam Tracker.” bbb.org — Real-time consumer reports of online shopping scams.
- Consumer Financial Protection Bureau. “What is a chargeback?” consumerfinance.gov — Explanation of consumer rights and dispute processes.
- Privacy.com. “How virtual cards work.” privacy.com — Technical overview of single-use and merchant-locked card numbers.
- Google Safe Browsing. “How we protect you from dangerous sites.” safebrowsing.google.com
- Anti-Phishing Working Group. “Phishing Activity Trends Report.” apwg.org — Industry data on phishing and fraudulent website trends.
This checklist was compiled after assisting four people with fraud recovery in 2024 and 2025, and after personally avoiding three scams that appeared legitimate at first glance. The checks are not theoretical. They are what actually works when seconds count and judgment is clouded by urgency.
Daniel Kareem is a digital productivity and technology writer focused on simplifying everyday tech use. He creates practical guides on online safety, device optimization, and efficient workflows. His approach centers on clear, step-by-step advice that helps users stay organized, secure, and productive. Through straightforward and realistic content, he aims to make technology easier to understand and more useful in daily life.