What Is a Trust Score? How ScamLens Rates Website Safety

Every day, thousands of new websites appear online. Some are legitimate businesses, others are carefully crafted traps designed to steal your personal information, financial data, or install malware on your device. The challenge is telling them apart -- and that is exactly what a website trust score solves.

A trust score is a single number, from 0 to 100, that represents how safe a website is likely to be. Think of it as a credit score for websites: the higher the number, the more trustworthy the site. ScamLens generates this score automatically by cross-referencing a domain against multiple professional threat intelligence databases and analyzing dozens of technical signals in real time.

If you have ever hesitated before entering your credit card on an unfamiliar shopping site, or wondered whether a link in an email was legitimate, a trust score gives you an objective, data-driven answer in seconds. You can check any domain's trust score right now for free.

The Problem: How Do You Know If a Website Is Safe?

Traditional advice tells users to "look for the padlock icon" or "check the URL carefully." Unfortunately, this advice is dangerously outdated. Modern phishing sites routinely use HTTPS, have valid SSL certificates, and register domains that look nearly identical to legitimate brands. A domain like paypa1-secure.com or arnazon-login.net might fool most people at a glance.

Manually checking whether a website is safe requires expertise most people do not have. You would need to look up the domain's registration date, check it against multiple blacklists, verify SSL certificate details, inspect HTTP security headers, and research community reports. No ordinary user can do all of that before clicking a link.

This is why automated trust scoring exists. ScamLens aggregates all of these checks into one score, doing in two seconds what would take a security professional fifteen minutes of manual research.

How ScamLens Calculates Trust Scores

The ScamLens trust score is not based on a single data source or a simple blacklist lookup. Instead, it combines intelligence from 9 or more professional threat intelligence providers, along with domain metadata, SSL analysis, security header inspection, and community feedback. Each source contributes evidence that either raises or lowers the score.

The system starts with a base score of 50 -- neutral territory. From there, every signal found during the scan either adds points (positive indicators) or subtracts points (negative indicators). The final score is clamped between 0 and 100.

Here is what each intelligence source brings to the table:

Google Safe Browsing

Google Safe Browsing maintains one of the world's largest databases of unsafe web resources, updated continuously from Google's own web crawling infrastructure. It identifies sites involved in phishing, malware distribution, and unwanted software. A clean result from Safe Browsing is one of the strongest positive signals in the scoring system, while a flagged result triggers a significant score penalty.

VirusTotal

VirusTotal aggregates scan results from over 70 antivirus engines and URL scanning services. When ScamLens queries VirusTotal, it receives a verdict from dozens of independent security vendors simultaneously. A domain flagged by 5 or more engines receives a heavy penalty; a domain flagged by even a single engine still sees a meaningful score reduction.

AlienVault OTX (Open Threat Exchange)

AlienVault OTX is a collaborative threat intelligence platform where security researchers worldwide share indicators of compromise (IOCs). ScamLens uses a granular four-level assessment -- clean, informational, warning, and danger -- based on the number and nature of threat pulses associated with a domain. The system also adjusts penalties for well-known, highly-ranked domains to reduce false positives.

IPQS (IP Quality Score)

IPQS specializes in fraud detection and provides a risk score for domains based on patterns associated with phishing, parking pages, and suspicious redirects. Domains with risk scores above 85 receive severe penalties, while clean results with positive confidence contribute a small bonus.

AbuseIPDB

AbuseIPDB tracks IP addresses associated with malicious activity, including hacking, spam, and exploitation attempts. ScamLens resolves the domain to its hosting IP and checks the abuse confidence score. High-abuse IPs hosting the domain indicate shared infrastructure with known bad actors.

URLhaus

Operated by abuse.ch, URLhaus is a project dedicated to tracking URLs used for malware distribution. A domain appearing in URLhaus is a strong indicator that it has been used to distribute trojans, ransomware, or other malicious payloads, resulting in a substantial score penalty.

PhishStats

PhishStats collects and indexes phishing URLs from multiple sources. Domains found in PhishStats have been independently verified as participating in phishing campaigns, making this a high-confidence negative signal.

SecurityTrails

SecurityTrails provides domain intelligence including historical DNS records, WHOIS data, and associated domains. ScamLens uses it to detect suspicious hosting patterns, domain age anomalies, and infrastructure shared with known malicious domains.

Cloudflare Radar

Cloudflare Radar provides domain popularity rankings based on DNS query volume across Cloudflare's global network, which handles a significant portion of all internet traffic. A high domain rank (top 100, top 1,000, or top 10,000) is a powerful positive signal -- extremely popular domains are almost always legitimate. Cloudflare also flags domains it has identified as malicious or involved in phishing.

Score Ranges: What Your Trust Score Means

After all intelligence sources are queried and technical signals analyzed, the final score falls into one of four categories:

70-100: Safe (Green)

Domains in this range have passed checks across multiple threat intelligence sources with no flags, have established domain age, valid SSL certificates, proper security headers, and often rank well in Cloudflare Radar's popularity index. These are typically legitimate businesses, established organizations, and well-known services. You can interact with these sites with reasonable confidence.

40-69: Caution (Yellow)

Domains in this range show a mixed picture. They may be relatively new domains that have not yet built a reputation, sites with some minor security configuration issues, or domains that have received low-confidence flags from one source. Exercise caution: the site is not necessarily malicious, but it lacks the track record and clean signals that define a trusted domain. Avoid entering sensitive personal or financial information without further verification.

20-39: Suspicious (Orange)

Domains scoring in this range have triggered warnings from one or more threat intelligence sources. They might be flagged for phishing by a single engine, hosted on IPs with abuse history, or exhibit characteristics common to scam sites such as very recent registration combined with a free TLD. Treat these sites with significant skepticism. If you arrived here via an unsolicited link, it is best to leave immediately.

0-19: Dangerous (Red)

Domains in this range have been flagged by multiple independent threat intelligence sources. They are very likely involved in active phishing, malware distribution, or scam operations. Do not interact with these sites under any circumstances. If you have already entered information on a site with this score, consider changing your passwords and monitoring your accounts. You can view currently tracked dangerous domains on our threats page.

What Factors Lower a Trust Score?

Understanding what hurts a trust score helps you evaluate websites more critically. Here are the most impactful negative factors:

Blacklist presence. Being flagged by Google Safe Browsing, VirusTotal, URLhaus, or PhishStats causes the largest score drops. A single VirusTotal flag from 5+ engines can subtract 35 points.

New domain registration. Domains registered less than 30 days ago receive a penalty. Scammers frequently register domains, use them for a few days of phishing campaigns, then abandon them. A domain under 30 days old with a basic DV certificate is a classic red-flag combination.

Suspicious TLD. Free or ultra-cheap top-level domains like .tk, .ml, .ga, .xyz, .top, .buzz, and .icu are disproportionately used for malicious purposes. While legitimate sites can use these TLDs, their statistical association with fraud triggers a score reduction.

No HTTPS or expired SSL certificate. Websites that do not support HTTPS lose points, and those with recently expired SSL certificates face a steeper penalty. A valid SSL certificate, especially an Extended Validation (EV) or Organization Validation (OV) certificate, contributes positively.

Missing security headers. Sites lacking HSTS (HTTP Strict Transport Security) and CSP (Content Security Policy) headers miss out on bonus points that well-configured sites receive.

Homograph attacks and brand impersonation. ScamLens includes specialized detection for internationalized domain name (IDN) homograph attacks -- domains that use look-alike Unicode characters to mimic legitimate brands. It also detects brand impersonation through TLD swaps (like google.xyz instead of google.com) and subdomain spoofing.

Negative community feedback. ScamLens allows users to vote on and report domains. High ratios of "suspicious" votes and multiple user reports contribute additional penalties.

How to Use the Trust Score in Practice

The trust score is most valuable as a quick first check before you interact with an unfamiliar website. Here is a practical workflow:

1. Before clicking a link in an email, text message, or social media post, copy the URL and paste it into ScamLens to see its trust score.
2. Before making a purchase on an online store you have never used, check its score. Legitimate e-commerce sites almost always score above 70.
3. Install the ScamLens browser extension to get automatic trust score warnings as you browse. The extension checks domains in real time and alerts you before you land on a dangerous page. Get the extension here.
4. Read the full report, not just the score. ScamLens provides detailed breakdowns showing exactly which intelligence sources flagged the domain and why. This context helps you make informed decisions rather than relying on a single number.
5. Check the community section of the report. Other users may have already reported the domain as a scam, often with specific details about the type of fraud involved.

Remember that no automated system is perfect. A high trust score means the domain has no known negative signals, but it does not guarantee the site operator's honesty. Conversely, a low score on a legitimate new business might simply reflect its lack of history. Use the score as one factor in your decision-making, alongside common sense.

Trust Score vs. Other Safety Tools

You might wonder how ScamLens compares to other website safety tools. Here is an honest comparison:

Google Safe Browsing (built into Chrome) warns you only after Google has already flagged a site. It has high accuracy but relatively slow coverage -- new phishing sites can operate for hours or days before being flagged. ScamLens queries Safe Browsing as one of its many sources, but supplements it with 8+ additional intelligence feeds for faster, broader detection.

VirusTotal is an excellent tool for security professionals, but its raw output -- a list of 70+ engine results -- is overwhelming for everyday users. ScamLens translates VirusTotal data into an easily understood score component.

Browser-based warnings (Chrome, Firefox, Edge) rely primarily on Google Safe Browsing or Microsoft SmartScreen. These are binary (safe/blocked) and provide no nuance. ScamLens offers a spectrum from 0-100 with detailed explanations.

WHOIS lookup tools show domain registration data but require expertise to interpret. ScamLens automatically factors domain age and registrar information into the score without requiring you to understand WHOIS records.

The key advantage of ScamLens is aggregation and simplification. Rather than checking five different tools and trying to synthesize their results yourself, you get a single score backed by all of them, with a detailed report explaining the reasoning.

Frequently Asked Questions

How often is the trust score updated?

ScamLens queries all intelligence sources in real time when you request a domain report. Results are cached briefly to improve performance, but each check reflects the latest available data from all providers. Threat intelligence databases themselves are updated continuously -- Google Safe Browsing multiple times per hour, and community threat feeds like URLhaus and PhishStats multiple times per day.

Can a website's trust score change over time?

Absolutely. A new legitimate website might start with a moderate score (around 50) due to its young domain age and lack of reputation data. As it ages, gains traffic, and accumulates clean checks, its score will naturally increase. Conversely, a previously safe domain that gets compromised and used for phishing will see its score drop as threat intelligence sources flag it.

Is the trust score always accurate?

No automated system achieves 100% accuracy. False positives (legitimate sites flagged as suspicious) and false negatives (malicious sites that appear safe) can both occur. ScamLens minimizes false positives by using rank-adjusted penalties -- well-known, highly-ranked domains receive reduced penalties from ambiguous intelligence signals. The multi-source approach also reduces false negatives, since a domain must evade detection across all 9+ providers to maintain a high score.

What should I do if a site I trust has a low score?

First, review the detailed report to understand why the score is low. If the site is new, the low score may simply reflect a lack of history rather than actual malice. If specific threat sources have flagged it, that warrants genuine caution regardless of your prior trust. You can also contribute to the community by voting the domain as safe if you have verified its legitimacy, which helps improve the score for other users.

Does the trust score check the content of a website?

The trust score is primarily based on domain reputation, infrastructure signals, and threat intelligence data rather than page content analysis. However, ScamLens also offers a separate content analyzer that can examine specific text, emails, or messages for scam patterns. Used together, the trust score and content analyzer provide comprehensive protection.