Everywhen issues six checks to spot unsafe websites
Everywhen has issued guidance to help organisations identify unsafe websites, as businesses and individuals face rising online fraud risks.
The advice sets out six checks users can make before visiting unfamiliar sites, from inspecting a web address to using browser and antivirus protections. It focuses on common warning signs linked to phishing pages, malware downloads and fake online shops.
A key part of the guidance is close scrutiny of the URL. Users are urged to hover over links before clicking, check that the destination matches what they expect, and look for unusual spellings, extra characters or unfamiliar domain endings that may suggest an imitation site.
Everywhen also highlights the difference between HTTP and HTTPS. The padlock symbol can indicate that a connection is encrypted, although it does not by itself confirm that a site is trustworthy.
Six checks
Another step is to use website safety checker tools. Everywhen points to services such as Google Safe Browsing and Norton Safe Web, which scan websites for threats and can flag pages associated with malicious activity.
The guide also recommends checking whether a site includes standard business information. Contact details, social media links and an About page can help users assess whether a company presents itself transparently.
Reputation checks are another part of the advice. Users are encouraged to review public feedback and note repeated complaints involving fraud, missing goods or poor service.
Visual and editorial standards are also cited as indicators. Poor grammar, spelling mistakes, broken links, outdated branding and low-quality imagery can suggest that a website has been hastily assembled or is not legitimate.
The final step focuses on software protections. Antivirus tools should be kept updated to block malicious downloads and phishing attempts, while browser settings can provide additional alerts about suspicious websites.
Threat landscape
The insurer presents the guidance as a response to a cybercrime environment in which fake sites are used to steal login details, gather personal information or trick users into paying for goods that never arrive. Such tactics affect both consumers and organisations, whose staff may click harmful links during routine work.
A spokesperson for Everywhen said: "Cyber criminals use fake websites designed to steal personal information, install malicious software and trick the unwary into revealing sensitive information. These methods include phishing scams, in which fake sites mimic real websites to steal login details, malware downloads that infect devices, and fake eCommerce sites that trick people into paying for products that are never received.
"Our guide, developed by our cyber experts, outlines six steps that can provide some protection for businesses and individuals against these increasingly dangerous threats."
The advice comes as insurers place greater emphasis on cyber risk prevention alongside cover. Businesses face growing exposure to online threats through employee devices, supplier links and customer-facing digital services, making basic website checks part of wider cyber hygiene.
While the guidance is written in accessible terms, it also highlights a broader challenge, particularly for smaller organisations. Many do not have specialist in-house security teams, leaving staff to rely on simple indicators such as web addresses, site presentation and browser warnings when deciding whether a link can be trusted.
Everywhen also stresses that updated antivirus software remains a first line of defence, with browser-based warnings providing an additional safeguard. It urges organisations to think carefully before engaging with sites that appear vague, lack basic company information or attract a pattern of negative reviews linked to suspected fraud.