cta quote button US

5 Ways to Recognize Spoofed Websites

The statistics on Internet fraud, specifically through phishing attempts, are staggering. Phishing is a method of getting people to reveal their confidential information through fake or “spoofed” emails or websites that look legitimate. Phishers often copy popular sites to trick people into entering their passwords, account numbers or banking information. According to a report by the Anti-Phishing Working Group, the number of phishing websites increased 25 % from 2015 to 2016. This type of Internet fraud costs victims and companies approximately $4.5 billion per year. Scammers are continually devising new methods of preying on Internet users, and while they frequently target sites that deal with financial information, phishers also steal passwords, Social Security numbers and other personal information. Here’s how to recognize a spoofed website and avoid being a victim of fraud.

1. Look for the “s”.

if_user_close_security_103764Sites that involve financial transactions such as banking or shopping should use a secure connection to ensure that any information conveyed between the browser and the server is encrypted. Always verify that the site is secure by making sure the URL in the address bar starts with “https://”. The “s” stands for secure and means that the site uses secure socket layer or transport layer security (SSL/TLS). Websites that use SSL/TLS will display a closed padlock in the status bar when they ask for your password or personal or financial information. Spoofed websites don’t have this because scammers don’t need the SSL certificate – they shut their sites down when as soon as they collect the information they want.

2. Check the URL

if_link_pagechacked_link_1770754If a website is unsecured, check the URL in the address bar. All URLs follow a basic format (http://domain.tld/). TLD is the top-level domain, which may be com, net, org, edu or something else. When you type a URL such as “http://google.com”, Google is the domain name and com is the TLD.

The authentic domain name and the top-level domain are usually on the first part of the URL before the single slash. A valid Google URL looks like this: http://google.com/ An invalid URL looks like this: http://google.images.com/

In the valid URLs, the domain and the TLD is followed by a single slash, and the rest of the address comes after the slash. Note that the second URL does not take you to Google Images. Phishing websites use URLs that sound official or are similar to well-known URLs but are completely fake.

3. Check the contact information.

if_user_profile_contact_avatar_check_account_select_1321091Legitimate websites for financial institutions such as banks and credit card companies publish their contact information. If you call the phone number on the website during normal business hours and hear an automatic voice messaging system, this should be a red flag. Also, check any email addresses listed on the website – the part of the email address after the “@” should include the proper domain and TLD. Be suspicious of contact email addresses that use free email providers such as Gmail or Hotmail.

4. Check the details.

if_9_264854Legitimate companies are very particular about their public image. You’ll rarely see any grammatical errors misspellings or typos on their websites. For the phishers, it’s all about getting your information. You may see unusual grammar mistakes, oddly formal language or poor-resolution images and logos. While some spoofed sites look convincingly legitimate, most phishers are in a hurry to collect your information and overlook these details.

5. Do your research.

if_basic2-067_checkbox_list_to_do_169993Be suspicious of websites that you’ve never heard of or dealt with before, especially if you get there through an email link. Do a search for reviews on the company name or the URL and avoid sites that have too many negative reviews and comments or that have no other online presence.

Need Inspiration? Check Out Some Related Projects and Tasks

Professional Web & Graphic Designer

Summary We are a business technology specialist, providing solutions, services and technology to enhance business performance. Our image must be high-tech, rather cosmic and ... (United States)

Switch An Old Site To Wordpress Using DIVI.

Need to switch an old site to Wordpress using DIVI. Would like the feel / design to be improved, more up-to-date, & "cleaner," than what we currently have, and transfer all pages / data to Wordpress. ... (United States)

Site Marked As Deceptive By Google For Phishing

Not sure why my site is marked as deceptive but I believe we were hacked a month or so ago so maybe there is something loaded onto the site. The site is on wordpress and I am looking for someone to ... (United States)

Gmail Relay For Smtp

We have a server that uses a gmail account to send out emails, we have one SMTP - and 5 servers sending emails out. Need to know if someone knows how to setup gmail relay for smtp - because emails ... (United States)

-
These results are based on the freelance jobs extracted from Upwork.

If you think your friends/network would find this useful, please share it with them – We’d really appreciate it.

Leave a Comment

We would be glad to get your feedback. Take a moment to comment and tell us what you think.