Are Websites That Don’t End in .Com Safe?

James Murray /
shutterstock 374648065

Many people are used to seeing websites that end in .com. However, as the Internet expands and more people and businesses make websites, more endings are appearing. Users are finding sites that end in suffixes we’re not used to, such as .ly, .co, and even words like .beer or .loan. 

The concern for many consumers is that these web address endings might lead to fake websites that are scams or hackers. With identity theft always a concern, new or unusual URL endings to web addresses might draw suspicion. So which URL endings should you avoid to keep your data and Internet network safe?

What Is a Domain Extension?

The last part of a standard URL is called a domain extension, or top-level domain (TLD). In the early days of the Internet, each popular TLD had a specific meaning associated with what type of organization hosted the site. The familiar .com, for example, originally stood for “commerce,” indicating that the website was for sales or promotion. 

However, .com eventually became so popular that it became the standard domain extension, as well as the most desirable. Many people assume that it is the TLD of most websites, and some even enter it subconsciously out of habit because it is so prevalent.

Other Common Domain Extensions

.Com is only one of many TLDs that we most often see on the Internet. There are two types of domain extensions – generic top-level domains that anyone can use, and sponsored TLDs that are limited to specific domains.

  • .net is often associated with techies but has also become the alternative domain if .com is not available. 
  • .org was once for nonprofit organizations, communities, politicians, and political parties. Its use has also expanded beyond this scope. Wikipedia, for example, is a .org.
  • .edu is a sponsored extension for educational institutions, usually colleges and universities. 
  • .gov is a sponsored extension for government offices, such as Social Security, the IRS, or your local clerk of court.
  • .mil is reserved for military websites.
  • Country code top-level domains are sometimes generic and sometimes sponsored. It depends on the country. Country code TLDs like .ca for Canada, .uk for the United Kingdom or .us for the United States are available to any citizen, corporation, or nonprofit with a physical presence in the country. Other countries sometimes allow their codes to be registered by anyone. An example is .co, the country code TLD for Colombia that has in recent years succeeded .com as the commercial extension.

Alternative Domain Names

The Internet is getting bigger and more expansive, which has also expanded the different TDLs people use when designing their sites. Some of these are amusing and catchy ways to complete a word or phrase in the web address, such as or Custom extensions have become popular and more companies are offering them, which can make it harder to figure out which sites are reputable.

How to Tell if an Extension Is Safe

Even with the explosion in alternative domain extensions, there are no domains that are absolutely trustworthy or certain to be scams. Not all alternative extensions are scams, and some common extensions might still have scam websites, so it pays to know how to tell which is which. Some newer domains are more likely to be scams than not, while the sheer number of .com and .net sites also invites a greater probability of fraudulent sites.

There is no hard rule for telling if a site is trustworthy or not, but there are plenty of clues that users can easily find. Malicious actors on the Internet use a technique called social engineering, which means they trick you into giving away your own information. While paying attention to the domain extension can be one way of avoiding a scam, there are a few others.

When you hover your mouse over an ad or hyperlink, your browser should display the web address in the lower left-hand corner. Before clicking on any link, you should always check to see where the link goes.


Phony charities are one of the most common sources of fake links, and often turn up during catastrophic events. Users are tricked into giving away personal information and credit card numbers because they believe they are helping people in need. Localized events such as earthquakes and hurricanes draw many such scams, but even global events like the COVID pandemic inspired numerous fake websites. Always be watchful of donating online, or confine your donations to reputable charities.

Money and Giveaways

There is an adage that says that if something is too good to be true, it’s probably a scam. Hackers create websites and phishing emails to trick users into believing they can receive money or prizes by clicking the link. They take advantage of iconic events like the Super Bowl or the FIFA World Cup to lure users into thinking they are winning tickets or merchandise. Of course, users have to give away all manner of personal information or they cannot claim the prize.

Jobs and Loans

.job and .loan have become popular extensions for scammers to exploit. Job scammers will use .job to lure unsuspecting job seekers by offering easy employment with high salaries. The user just has to spend a little money or cash a check for the company before they can officially start. A similar scam lures in people looking for financial assistance in the form of loans and credit cards. By preying on people who need money, scammers can convince people to give away personal ID or bank account information.


Some scammers do a really good job of mimicking a real site. The best sites even look like their reputable counterparts, including fake Red Cross sites, phony sites imitating major banks or institutions, and sites pretending to be well-known for-profit businesses. 

The biggest corporations will often purchase their web address with several domain extensions at the end of it to ensure no one else can use them. This means scammers have to make subtle changes to things in the web address. Look for misspellings in the web address before you click, especially if the ad or email containing the link also has bad spelling and grammar. 

If you do get tricked into clicking on a link, there are a few things you can look for to ensure you’re not giving information to malicious actors. Some institutions must have approval from another organization, such as FDIC. Symbols indicating this will be on the reputable sites, but not the scammers’. Most reputable companies also pay a lot of money to make sure their websites are well-written and informative, so if the text doesn’t make any sense, you might be on a scam site.


The best way to tell if a site is reputable is to look it up on ICANN’s Domain Name Registration Lookup. ICANN is the International Corporation for Assigned Names and Numbers and is a non-profit organization that oversees the registration of new domains. Their lookup site is in place to help safeguard users from fraudulent sites by keeping a database drawn from their licensed registrants. When you input a web address into their search engine, it returns a report that includes who the site is registered to, when the registration expires, and even who to contact if you suspect abuse.

Internet that Keeps You Safe

We shouldn’t hide from the Internet just because there are hackers and scammers. We just need to be safe, just like in our offline lives. Following basic Internet safety can be as easy as having the right Internet plan and keeping your passwords updated. Some plans offer add-on options that help protect consumers from scammers. To compare plans and find out what is offered in your area, use Compare Internet or call 1-833-933-2468, and browse the Internet securely!