One Small Tip That Can Help You Judge The Trustworthiness Of A Website

whois   One Small Tip That Can Help You Judge The Trustworthiness Of A WebsiteMany of us at MakeUseOf are very firm believers in the Web of Trust browser extension. Though no solution goes without false positives and certain loopholes, it’s a great way to gauge if a website is helpful or harmful.

Without WoT, a lot of people would feel up in the air about unfamiliar websites. You don’t have to. In this post, I’d like to show you one of the easiest and most effective ways for the average internet user to make their own call on the legitimacy of a website. The best part is that it requires no real technical skill and should take you a maximum of about two minutes per website. The only piece of information that you’ll need is the website’s URL, and that’s as easy as copy and paste. Interesed? Let’s look into it.

Domains

On an internet where free web hosting has been laid to rest for years, practically every website has their own dedicated domain name. The domain name for MakeUseOf is makeuseof.com. A domain name basically consists of two parts (if we leave out subdomains, which are irrelevant in this situation): the top-level domain and second-level domain.

In our example, the top level is com and second level is makeuseof. As you know, there are plenty of top-level domains, such as com, net, and org. A second-level domain is not limited in that same respect. When purchasing a domain (which costs roughly $10), you’re able to specify any alphanumeric second-level name. I could register craig4president.com today if I pleased.

whois1   One Small Tip That Can Help You Judge The Trustworthiness Of A Website

It’s important to note that during the registration of a domain name, you are required to enter truthful registration information or you can face some pretty harsh fines and punishments. That leads us into our next section.

WHOIS

As defined by Wikipedia:

WHOIS (pronounced as the phrase who is) is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system, but is also used for a wider range of other information. The protocol stores and delivers database content in a human-readable format.

In layman’s terms, WHOIS is like the Yellow Pages of domain names. When you register a domain name, the information you use (be it personal or of a business) is listed publicly and is available to anyone unless you use some sort of privacy service (which generally comes with an additional cost).

There are plenty of WHOIS lookup websites, but here are three of my favorites:

  1. Who.is
  2. WHOis.net
  3. DomainTools WHOIS

To look up the registration information of any domain name, just enter the domain and go. Here’s a screenshot of the WHOIS query for one of my favorite websites, Reddit:
whois2   One Small Tip That Can Help You Judge The Trustworthiness Of A Website

As you can see, there’s a wealth of information. The information available is dependent on what registrar (such as GoDaddy) a domain name has been registered with.

Your Part

So how does knowing the registration information of a domain name help you be more confident about a website? Well, in many ways. Here are just a few that I can think of on the spot:

  • You can verify that the registrant is in a country that the website reflects, or at least not in a suspicious location where there is a high rate of internet fraud.
  • You can see if a domain’s registration information is set as private.
  • You can see how long a domain name has existed.

If you’re looking online for a website that is selling handbags, are you sure that you want to make your purchase from a website whose registration info comes from a company based in an area where common replicas and counterfeits are made?

If you’re already a little uncertain about a website, seeing that their WHOIS information is private could completely put you off. Keep in mind though that private registration information does not mean that a website is fraudulent or “bad” in any way. It just means that the domain registrant wants to hide their information, and that could simply be for their own privacy. A great example is our own domain at MakeUseOf. It is registered privately.

whois3   One Small Tip That Can Help You Judge The Trustworthiness Of A Website

When you’re looking at a website that is offering free gifts for certain participation, are you sure you want to trust a website that was made just two months ago? You’re able to see that through a WHOIS query, and that’s understandably suspicious.

WHOIS is incredibly useful when doing research on websites that smell funny. If you’re suspicious and feeling uncertain, that option is always available to you. It’s just another resource to help you remain safe on the internet and passing judgment is completely in your hands. Do you find this tip useful? Let me know in the comments!

The comments were closed because the article is more than 180 days old.

If you have any questions related to what's mentioned in the article or need help with any computer issue, ask it on MakeUseOf Answers—We and our community will be more than happy to help.

35 Comments -

Anandu B Ajith

thanks

Florin Ardelian

Craig, do you remember SOPA?

Craig Snyder

Yes.

Florin Ardelian

So the MUO owners are still giving their money to GoDaddy, after all the activism against them that took place on Reddit…

Craig Snyder

You’re pointing that out, but I honestly don’t have much of a response for it. I’ve never considered it an issue worth raising to anyone at MUO, but if it’s something that concerns you then that’s all in your right.

The way I see it, if GoDaddy has always provided a good service to the domain registrant, then so be it. I don’t support SOPA and I have extreme doubts that the registrant of our domain name supports SOPA. The fact that GoDaddy does (or “did”) won’t always be enough to disrupt a healthy business relationship.

It’s not the perfect analogy and it’s straying off track a little, but I’m not a religious person at all. If a devout Christian opened a nice bakery or market down the street, the last thing to stop me from buying would be the owner’s religious beliefs. What would stop me is if she sold stale bread.

Jagbir Sembhi

thanks for this article

Ibrahim the Eritrean

Caig, while I must say this is one good strategy, it still is not enough and by no means foolproof — because this will still not help you if the website is hacked 10 minutes ago and is being exploited. You need to use this along with real time link scanner like AVG Link Scanner Free Edition — and may still have to use Sandboxie.

Junil Maharjan

have been using some of these tools myself. pretty good info.

Gerald Huber

Some good tips. Unfortunately I think that not many people will do these things. Too much of a hurry. And some may even think “Every thing on the internet is true and no one would EVAH lie to me.” I know my websites are registered privately. I have never done the WHOIS on a popular website. I wonder what information would be found.

CJ

I advise all my domain clients to register using the privacy option – whois is heavily used by spammers to harvest email addresses. This technique is just smart privacy management!

Craig Snyder

This is very true as well. The most responsible WHOIS services encode the email as an image to make it significantly harder for spammers to scrape, but there are very simple ways around that.

raymond mcnatt

thanks

Michael

There are free websites that check a web address in seconds.

Rob Hindle

Key words are “small tip” and “help…”.

Whois can be useful to find out about the true owners of a web site but although the article says “you are required to enter truthful registration information or you can face some pretty harsh fines and punishments” that grossly over-states the position. I’m not aware of any fines or punishments ever having been applied. The probaly worst-case scenario is if someone challenges your right to the name, if your details are incorrect there’s a risk of the decision automaticaly going against you so you lose the domain.

It is important that you DO provide correct information, otherwise the registry might have difficulty contacting you should it need to but I’m not aware of much pro-active policing, certainly not when it needs to be done – within minutes of registration.

The bad guys register garbage names and use them for as little as 24 hours before moving their fraud/malware operation to a different domain. There’s nothing to stop them registering their address as 10 Downing St.

One factor that helps (but is not foolproof) is if you also take notice of the original creation date on the Whois. If the name has been around for a few years that’s a good sign – but it may have changed hands. If it was registered in the last few days that could be a warning sign.

Another small detail, maybe I’m being pedantic, but in the UK TLD (and some others) users are (currently) restricted to third level domains, usually under .co.uk

The UK registry does do some registration detail checking detail I have experience of someone who’d not updated their email address since original registration 10 years ago. Their domain name was registered to something like “John Smith, trading as AcmeWidgets”. Nominet (UK registry) emailed them (recently) to say the registration was not valid. The defect Nominet wanted correcting was to change the name to just “John Smith” and enter “trading as AcmeWidgets” in a separate field. Nominet gave just 2 weeks notice by email (to the defunct address) of releasing the name to the open market. Phone number and postal address were correct, their website had the current email address but Nominet relied solely on the registered email address.
As a consequence the first “John Smith” knew of the problem was when his domain stopped working. Luckily he was able to buy his name back.

In summary: yes it’s vital to have correct registration details but you don’t face a fine or punishment (only the threat) and you can’t rely on whois as a way of assessing trustworthiness.

Rama

There’s one thing you should realize:

* Often a web server is NOT in the same country as the content is pitched for

* Often, the owner of the domain name is in another country as well

The above two points are normal, and there’s nothing wrong or untoward about that. Business owners and people often prefer to use the best services at the best cost. The Internet is a global arena.

Robert Peacock

Why do you have a print command on your page so that one could print your article without ads etc.?

Keith D.

With Christmas coming this is a MUST read site for ALL consumers! Thanks MUO.com!

Keith D.

Who to trust & who you can’t! In the world of “The Web”, this article helps to answer that very question! Thanks Craig & thank you MUO.com! Merry Christmas!

Anonymous

Yes, WOT is the best for knowing the reputation of websites. Another addition I would recommend is the Alexa rank. But beware, Alexa ranking can sometimes be higher (lower rank) for spammy sites.

Priya

Thanks!!!

Mark Alsisto

well, 1 thing I know is…MAKEUSEOF.COM Created on: 03-Jul-06. :)

Ebsta the Websta

Who buys stuff on the internet…?

Yosua

Who Is is not an accurate way to check the trustworthy of a website, many scam websites using whoisguard nowadays, which covers the whole “important” infos

Craig Snyder

This was covered in the article.

Debra Beshears

This is really great information. Thanks

Paul Hays

AVG has a free link scanner that you can download separately or together with Free AVG antivirus. Thanks for this article. Nice to have tips that don’t require downloads, too.

Bshell

How about Netcraft. You can find out even more. Like: http://toolbar.netcraft.com/site_report?url=http://www.makeuseof.com

Douglas Mutay

Very useful article. Although I really can’t go to malicious website due to proxy restriction. Thank you

Douglas Mutay

I have checked my own website and saw that my private information such as phone number and address were available. I think this is a serious privacy issue and I wonder if there is a way I can keep only the essential info available to people that can search for my domain name. Any idea?

Anonymous

You should be able to change that through your domain registar.

Douglas Mutay

Thanks, will have a look at it and see how I can do that.

Shahbaz Amin

I only knew of WHOIS
Thanks

Anonymous

I usually judge the trustworthiness of a website with it’s design and I don’t know why. Though I don’t normally buy online outside eBay and Amazon when I find something interesting and want to give my personal information I would search some reviews in Google.

Lisa Santika Onggrid

Yes. It’s a common sense to keep a firm eye over domain name. Email from your bank with second level domain name? Absolute No-no. Being extra careful won’t hinder your productivity, so if you haven’t, start paying attention to the URL you’re clicking.

Giggity Goebbels

Very useful