Incorrectly assessing digital information has many repercussions for users: from downloading malicious code in open-source software repositories, to becoming a victim of misinformation. Study 1 was a systematic review (N = 63 studies) of the digital symbols and signals that communicate trust when assessing digital information. The results suggested trust signals and symbols were grouped into three themes of social proof, verification to reduce variance of risk, and expectancy violation theory. Study 2 (N = 20 participants) was a thematic analysis exploring whether expertise influences the use of trust signals and symbols in open-source software libraries. Results indicated that differences exist between expert and lay users when utilising trust cues to assess digital information. The implications for these studies are that ways in which people use trust cues create vulnerabilities for malicious actors to exploit through a range of possibilities. Researching which digital trust signals and symbols are utilised by users (when assessing the trustworthiness of digital information) may help to inform how to mitigate said vulnerabilities.