ScamVerify
Menu

Is This Website Legit? Free Website Scam Checker

Verification Process

How Website Verification Works

Enter the URL

Paste any website URL, with or without https://. We handle shortened URLs, defanged URLs, and auto-clean tracking parameters.

6-Source Security Scan

We simultaneously check Google Web Risk, domain registration (RDAP), SSL certificates, redirect chains, brand impersonation, and threat intelligence.

AI-Powered Verdict

Our AI analyzes all signals together and produces a risk score (0-100) with a clear explanation of every red flag and positive signal found.

Data Sources

What Data Sources We Check

Google Web Risk

1M+ known malware, phishing, and social engineering URLs checked in real time.

Domain Intelligence (RDAP)

Registration date, registrar, and domain age analysis to flag newly created scam sites.

SSL Certificate Analysis

Certificate validity, issuer, and encryption strength verification.

Redirect Chain Tracing

Follow all redirects to find the real destination URL behind shorteners and cloakers.

Brand Impersonation Detection

50+ brands checked using substring matching, Levenshtein distance, homoglyphs, and keyword analysis.

Malware Threat Database

3.6M+ malicious URLs tracked and updated every 5 minutes via automated threat feeds.

Common Questions

Frequently Asked Questions

Paste the store URL into our checker. We analyze domain age (scam stores are usually days old), SSL certificate quality, Google Web Risk status, and brand impersonation signals. A new domain with a free SSL certificate selling products at steep discounts is a strong scam indicator.
Common red flags include: domain registered within the last 30 days, no valid SSL certificate, hidden WHOIS registration, brand name misspellings in the URL (like amaz0n or paypa1), redirect chains through multiple domains, and presence in malware threat databases. Our scanner checks all of these automatically.
Yes. We follow redirect chains to identify the final destination URL, then analyze the actual website. This catches scammers who hide malicious sites behind URL shorteners.
We cross-reference 6 data sources: Google Web Risk (1M+ known threats), a malware database with 3.6M+ tracked URLs updated every 5 minutes, domain age analysis via RDAP, SSL certificate verification, redirect chain tracing, and brand impersonation detection against 50+ major brands.
Yes. We capture a live screenshot using a headless browser. Sites that block automated previews are flagged with an evasion warning, since legitimate sites rarely block screenshots.
Our system checks for 50+ major brand names (Amazon, PayPal, Microsoft, Apple, etc.) in domain names using substring matching, Levenshtein distance, homoglyph detection, and keyword analysis. A new domain impersonating a known brand is a strong scam signal.
We scan URL paths for government agency names (IRS, SSA, DMV, USPS, etc.) on non-.gov domains. A site at fake-irs-refund.com/irs/verify would be flagged for government impersonation.

Check any phone number, website, text, email, document, or QR code for free.

Instant AI analysis backed by millions of federal records and real-time threat data.

Check Now