I offer some tips on distinguishing lawful online businesses from dishonest ones.
Check the site reputation and scan for malware.
I compiled a list a services I use to check website reputation and scan for malware: Website Reputation Tools
Are the logos fake?
Nothing inspires confidence like a nice shiny "Secured by McAfee" website logo. Click it. Does it go to McAfee's own security validation site? It should. If it's just a logo that goes nowhere, then don't believe it. Any douchebag can download a "Verified by..." or "Secured by..." logo and put it up on their site.
Are the reviews and Facebook likes fake?
Don't rely on review sites and Facebook likes to prove site legitimacy. They could all be fake. In fact, most people investing time and effort into writing a review will do so when dissatisfied. A legitimate negative review tests a company's customer support response to a complaint or query (i.e. in the form of a refund, app update, etc), while a positive review doesn't offer much in the way of personal reward for the author. Are the reviews detailed, or are they suspiciously brief and vague? Is the language used native-level, or is the review authorship being outsourced to a ton of low-cost non-native writers? Follow the Facebook likes to the user profiles. Did they join Facebook last week? Do they have 2 posts, one of which is a "like" of the very same website you're investigating?
Google search the name of the website along with the word scam, fraud, etc.
Have others posted about their traumatic experiences with online company X? Has someone created a "Company X is a Fraud" Facebook page? There's only 2 reasons why anyone would do this:
1. They were genuinely ripped-off by company X. This is the more common scenario.
2. They're launching a smear campaign for a rival company. In other words, they benefit financially by bashing company X. This is usually easy to spot because the site author will recommend the rival as part of the post(s). "I got ripped-off by company X, but company Y saved the day!"
Google search the address and/or phone number.
Does the online business have a phone number or address posted? If so, google it. You may be surprised. It may be a garage. Or a park. Or a tent in a park. For example, I found an address that actually belonged to a shady-looking business proxy service that gives anyone with some cash a proper-looking business address. The same address belonged to a hundred "businesses," and for low monthly fee I could've had it too. Hmmmm....my eyebrows are raised.
What's the payment method?
Does the site want you to pay via Western Union or echeck or bank transfer? I'd steer clear if those are the only payment methods. Do they accept credit cards or Paypal? If so there's a better chance of getting your money back if things go wrong. Paypal and most credit card companies have a claims process that allows you to reverse fraudulent charges, granted not too much time has passed since the time you payed and the time you realize you got ripped-off. It's an essential consolation, especially when dealing with unfamiliar web vendors.
Do a Whois lookup.
For example, go here: http://whois.domaintools.com/ and check the registration record for the domain name in question. Who owns it? Where are they based? Is the registration record hidden under multiple veils of secrecy? For spam-fighting and privacy reasons, some anonymity is to be expected--particularly with personal blog sites, etc. However, most legitimate online businesses don't hide in dark web caves.
Life's too short. Order from a legit vendor.
Know that ordering shady merchandise or services from a shady online vendor carries tremendous risk. Is it really worth it? Are you really saving that much money? Is there a more legitimate alternative? I hate to sound cliche, but if it looks too good to be true, it probably is. That's why it's more expensive on Amazon--or why Amazon doesn't sell it in the first place.
Related Articles
Why I Hate the Apple Store
I go to the Apple store in Ginza looking for Snow Leopard (for a client). Of course, there's no sign indicating what is on each floor because signs would dir...
Playstation 3 Audio With a Com...
I gave myself a home project--upgrade / reorganize my home studio so that it is both more comfortable and more like a proper man-cave. As a man-cave can...
Linux and NTLMv2 Proxy Authent...
My company's firewall enforces NTLMv2 proxy authentication, which kinda sucks for some Linux hosts since I can't pass that authentication directly on the comman...
Windows - How to Disable Start...
I hate it when a user's PC shuts down ungracefully, and they choose startup recovery at the next boot. The process (albeit "recommended") removes the PC from t...