The other day I heard a radio commercial claim that more than half of all health-related Web sites are fronts for law firms trolling for potential malpractice-suit clients. I immediately doubted the ad's claim. First, it didn't cite a source for the high percentage of illegitimate health sites it stated. Second, it was an ad itself (for a law firm trolling for potential malpractice-suit clients, of all things). And third, it glossed over the actual name of the firm, but repeated its toll-free number over and over.
Still, the ad got me thinking about all the bogus Web sites out there, and how people can protect themselves in the absence of any third-party monitoring of Web information. There are some controls in place for making safe Web purchases, principal among them are Secure Sockets Layer (SSL) certificates, which are designed to ensure the security of Web servers. When you visit an SSL server, it places a small lock icon in the bottom-right corner of the browser window, and the URL in the address bar begins with "https:". Even these can be spoofed, however, so they shouldn't be your only consideration when deciding whether to trust a site with your credit card numbers.
Ultimately, when it comes to verifying any site's trustworthiness, you're on your own. Here are some tips and resources to help you decide for yourself which sites you can believe.
Start with the URL
Before you follow a link returned by a search engine or posted on some other site, mouse over it and look at the status bar at the bottom of the browser window for hints about the site. If you don't see this information, click View > Status Bar in either IE or Firefox.
The text between the double slashes and the first single slash is the server ID. If it's an ISP's name, such as "aol" or "geocities," the site is a personal page. (The server ID will usually be followed by a tilde or other character, and then a user name.) This doesn't mean the page is untrustworthy, just that the person or organization hasn't purchased their own domain name.
Unfortunately, you can't tell much from the domain extension, or top-level domain. The popular .com and .net extensions are used by commercial and non-commercial entities, as are .org--which was intended solely for nonprofits--and the various country codes, such as .ca for Canada and .de for Germany. The first three are unsponsored, as are the newer domains .biz, .info, and .name. There are also several sponsored TLDs, which are "controlled" by a third party. These include .aero, .asia, .coop, .mobi, .museum, .pro, and .travel. Of these only .mobi has gained traction among Web developers eager to attract mobile-phone users.
Once you're on the site, look for an About or Biography page, which should give you a clear indication of the site's purpose and intended audience, as well as the qualifications of its authors. Also check for a Contact page that includes a physical address and/or toll-free telephone number. Keep in mind that these site elements are also easy to spoof. Two other early indications of a site's validity are the presence of a date on the page, and the inclusion of links to information relevant to the subject at hand, and not simply some Ajax widget that displays headlines from some other site automatically, or (more likely) a list of unrelated text ads.
Check the site's links
It's not uncommon for sites to fill their pages with links to other popular sites in hopes of raising their profile among search-engine spiders. To view a list of sites that link to the site in question, type link: followed by its URL in Google's search box, and press Enter. You can also enter the URL at Alexa.com, if it's one of the top 100,000 sites on the Web, to get a snapshot of its traffic, as well as what sites link to it.
Look for the site in a Web directory
There are some credible third-party Web directories that help you find topic-specific sites you can trust. The Librarian's Index is a bit dated, and it doesn't include some of my favorite technology resources, but it covers a range of topics almost as broad as the Web itself. A consortium of college and university librarians led by the University of California at Riverside created Infomine for their students and staff, but it lists many reliable Web sources in non-scholarly areas as well. One of the best consumer-focused Web directories is at About.com.
The ring-of-truth test
Even information on sites with reputations for reliability can be suspect, as shown by recent revelations about bogus postings on Wikipedia. The more important the information, the more sources you should use to corroborate it.
Along with a clear and consistent statement of purpose, a site should be grounded in the real world, with a physical address, a URL that matches its name, and references for its authors. It should also be easy to use, clearly laid out, and bereft of typos and broken links. And that old maxim is as valid on the Web as anywhere else: If it seems too good to be true, it probably is.
Friday: convert any Office file to PDF for free.