Shopping & E-Commerce · Global

How to Check If an Online Store Is a Scam Before You Buy: A Realistic Checklist (Beyond Just One Trust Score)

You saw the ad on Instagram, the discount looked aggressive but not impossible, and the site had the little padlock icon next to the URL. So you bought. Two weeks later, no tracking number, no reply to your emails, and a card statement showing a charge from a company whose name doesn't match the store you thought you paid. This is one of the most common frauds online precisely because the tools scammers use to build trust — HTTPS, a modern storefront template, a checkout page — are the exact same ones legitimate stores use, and take a fraudster under an hour to copy.

What HTTPS actually tells you (and what it doesn't)

The padlock icon means your connection to the site is encrypted — nobody can intercept the data traveling between your browser and the server. That's it. It says nothing about whether the person running the site is honest, whether they'll ship what you paid for, or whether the "store" even exists past a checkout page connected to a payment processor. Getting an SSL certificate takes minutes and is often free. Treat HTTPS as a baseline requirement, not a trust signal.

Domain age and website checkers — useful, but not gospel

Tools like ScamDoc and similar website-trust checkers scan a domain's age, WHOIS registration data, hosting reputation, and blacklist history to produce a trust percentage. The underlying logic is sound: most scam stores are registered weeks before launch and disappear within months, so a domain that's only three weeks old with hidden registrant details is a genuine red flag worth taking seriously.

That said, it's worth being honest about the limits of these tools rather than treating a single score as a verdict. Independent reviews and technology writers have repeatedly flagged that services like ScamDoc use proxy signals (domain age, hosting, WHOIS visibility) rather than verified data about whether a business actually delivers what it sells — and that legitimate new or small businesses are sometimes unfairly flagged simply for being new, with little practical way to correct the score. Use a trust-score check as one input that tells you whether to dig further, not as a single yes/no gate before you buy.

A fuller checklist — because no single tool catches everything

Why this actually matters at scale

This isn't a fringe problem. The FBI's Internet Crime Complaint Center (IC3) recorded $16.6 billion in total reported consumer losses in 2024 alone — a 33% increase from the previous year — and non-delivery and imposter scams, frequently run through fake storefronts advertised on social media, remain among the most commonly reported categories. The pattern is consistent enough that US Treasury holiday-season advisories specifically warn that social media ads routinely direct shoppers to fake online stores that never ship anything.

If you already bought and think it's a scam

Contact your card issuer immediately to ask about a chargeback — the faster you flag it, the stronger your case. Report the store to the FBI's IC3 (ic3.gov) so the pattern gets logged nationally, and leave a factual review describing exactly what happened, since that's often what warns the next person off before they check out.