Despite our best technological advances, identity theft and credit card fraud are still huge problems on the Internet. Scam artists routinely construct fake online stores that exist to steal your credit card number, take a payment from you, and send you junk (or even nothing at all) in return. If you don’t know how to spot a suspicious check out page on a website, you’re putting yourself in danger. Thankfully, there are several reliable qualities that secure checkout situations have in common, and we explain how to find them and what they all mean below.

Look For “HTTPS” In Address Bar

When you arrive at any new check out page you haven’t used before, check your browser’s address bar for “https://” preceding the website address. This protocol literally stands for “http secure,” and companies who use it are required to take certain measures to protect the privacy of their customer’s information. To get a working https protocol, a website must purchase strong encryption from their web host, or install it themselves and get a security certificate from a recognized authority. Go Daddy, one of the largest web hosting companies in business, describes their https service as “…powerful 256-bit encryption,” which would make it nearly impossible for hackers to intercept your personal data.

In addition, most major web browsers (including Internet Explorer and Mozilla Firefox) go a step further and verify the security of any https website before connecting you. Since all https sites must have a verified security certificate installed, your browser will often check the validity of that certificate and warn you if it is expired, falsified, or otherwise. “If the certificate is no longer valid, you will receive an error page that states why the certificate is not valid and you will not be able to access that website,” Firefox explains. Therefore, if you are easily connected to an https website without issue, there is very little chance of encountering security issues.

Check The Sitejabber Database

One of the quickest ways to spot a known scammy website is to search for its name in the Sitejabber database. Sitejabber enables anyone who has been scammed or mistreated by a website to publish a review about it and warn future consumers against making the same mistake. Alternatively, if the Sitejabber community loves a particular site, finding it to be a safe and reliable place for consumers, the site can be positively reviewed and featured in the “Find Good Sites” area.

Sitejabber does not take money from any of the websites or businesses reviewed on it, unlike the companies that provide privacy and other certification seals. Business are able to display these seals only after they pay for them.

A Clear Return Policy

There are certain basic components that every fair online seller should have in place, and a clearly stated return policy is chief among them. If you are wary of buying something from a particular website, you should immediately begin to wonder what rights you have if they send you a broken or damaged item. Any website performing a legitimate service, that isn’t out to scam their customers, will provide a return policy to accommodate these and other common complaints. The lack of one, or one that makes it unnecessarily complex to qualify for a refund, is a sign of seller with a trick up his sleeve.

A Customer Service Phone Number

Another sign of a company without anything to hide is a working toll-free customer service number. Look for any page on the site labeled “contact us” or something similar, and check to see if they offer phone support. If a number is listed, give it a ring and make sure you can get through to a live person. Any company willing to readily connect its customers with service agents is probably not in the business of ripping everyone off.

Keep in mind that this is one sign that should be considered in relation to the other factors. Email-only support isn’t necessarily bad, especially if the site uses https, displays a valid security certificate, and offers a fair return policy. Lacking such things, email-only support (or no posted means of support) is extremely fishy, as it suggests a company who doesn’t want to be contacted after a sale is made.

Check For Trustworthy Domain Extensions

Sometimes a website’s domain extension is cause for suspicion. Beware of websites that use third-rate extensions like .biz, .tk, and .us, as these domains are very cheap to register and are often purchased in mass quantities by scam artists. Keep in mind that this concept does not work in reverse — just because .com, .net, and .org are the strongest domain extensions does not automatically make them safe. Much like the absence of a customer service number, the red flags should only go up if a company uses a cheap domain extension in combination with several other warning signs.