The internet is filled with unscrupulous characters trying to scam or steal from you. One of the weapons in their arsenal is impostor or fake websites. As fake websites become increasingly sophisticated, it can be harder to spot them. But here are some ways that can help.
1
Scrutinize the URL
One of the most powerful tools in your arsenal against impostor websites is a careful examination of the URLs you’re visiting. Scammers, lacking access to the actual domains they’re trying to impersonate, resort to other tricks to deceive you. By scrutinizing the links you’re clicking on, you can often avoid falling victim to their ploys.
Look for Typos and Misspellings
A good way to identify an impostor website is to look for misspellings and typos in the domain name. Impostors often use domains that are almost the same as the genuine website URL, but with a character or two changed. For example, they may use paypa1.com to impersonate paypal.com or face6ook.com for facebook.com. It’s easy to miss such a domain name if you’re not careful.
Related
How To Buy a Domain Name For Your Website
Every website needs a domain name, and while there are lots of other things that go into running your site, the domain should be one of the first things you think about.
Watch for Use of Uncommon Top-Level Domain (TLD)
Besides misspellings, another tactic used by scammers is registering the domain of a genuine website with a different TLD or domain extension. TLDs are the last part of a domain name, such as .com, .org, .net, etc. Uncommon TLDs like .biz, .info, .xyz, and .cc are often used for this purpose. So, if you encounter an uncommon TLD in the website URL, you may want to double-check everything before proceeding further. While not all websites with uncommon TLDs are scams, a number of impostor websites do use such TLDs.
Recognize Deceptive Use of Sub-Domains
We often don’t look too carefully at URLs, and scammers capitalize on our absent-mindedness by using the name of a genuine website in the subdomain of a fake website to make it seem like it’s a legitimate website. As these subdomains don’t contain misspellings, it’s hard to catch them without careful observation. So, make sure the actual domain name belongs to the genuine website before proceeding further.
Be Alert to Domains With Extra Words or Hyphens
It’s a good idea to be wary of websites that have multiple words or hyphens in the domain name to appear legitimate. While it’s not unheard of for genuine websites to have hyphens or multiple words in the domain name, it’s uncommon. So, a domain name such as official-bank-of-america.com or google-login.net deserves your suspicions as it’s more likely to be used by impostors.
Check Domain Age
Impostor websites don’t have a long shelf life, as they inevitably get flagged once they reach a savvy user. So, scammers keep on registering new domain names for fake websites. This means most fake websites don’t have a long domain age, which refers to the time since a particular domain has been registered for use.
You can often weed out fakes by looking at the domain age of the website. The registration date of a domain can be found in its Whois record, which is a public record that contains information about who owns a particular domain name and how to contact them. One of the most trustworthy Whois record lookup tools comes from ICANN, or the Internet Corporation for Assigned Names and Numbers. ICANN is responsible for managing the global Domain Name System (DNS). Another popular Whois lookup tool is offered by who.is.
Related
Don’t Take the Bait on These Phishing Scams
Scammers want you to take the bait, but you’re smarter than that!
2
Check Website’s Security Certificate
Modern websites commonly offer encrypted connections to protect your data. This secure connection is often indicated by a padlock icon in the browser URL bar and a linked security certificate. If there is no padlock icon, you can click on the icon next to the URL in the browser address bar to see the connection security status.
The lack of a secure connection and the presence of an invalid security certificate are causes for concern. Even when you get a proper security certificate needed for an HTTPS connection, it’s important to check to whom the certificate was issued, as scammers can get SSL certificates for their fake websites. It’s a good idea to stay away if the certificate is not issued to the website you think you’re browsing.
3
Notice Amateur Mistakes in Content and Design
While fake websites are increasingly becoming quite sophisticated, they often can’t match the effort put into the content and design of a genuine website. So if you encounter amateur mistakes in the content of a link, such as typos, grammatical mistakes, and awkward phrasing, it may not be genuine.
Low-quality images, inconsistent branding, generic design, and layout issues are also red flags.
Related
I Take These 6 Simple Security Steps to Stay Safer Online
Outsmart Online Threats, Stay One Step Ahead!
4
Note Broken Links and Missing Information
Another hallmark of a fraudulent website is missing information and broken links. Scam websites typically only have a few webpages focused on stealing your personal or financial information. So, if you dig a little deeper, there is a good chance you will start encountering broken links that go nowhere.
The impostor websites also often lack information that you would typically find on a genuine website, such as an about page, contact details, and shipping and returns information in the case of an e-commerce website.
5
Beware of Risky Payment Methods
Payment modes offered by the legitimate version of SHEIN.
Legitimate businesses selling their services or products provide secure payment methods that are generally easy to use and backed by good buyer protection. So, the presence of riskier payment modes such as wire transfer, prepaid debit cards, gift cards, or random virtual currencies is worth investigating.
Some genuine websites may offer these not-so-common payment methods to help with privacy concerns, but unless you’re sure you’re dealing with a legitimate business, it’s best to stay away.
If you encounter a suspicious website but aren’t able to decide for yourself whether it’s legitimate or fake, several online tools can help assess its reputation and safety. Some of these online tools include Norton Safe Web and URLVoid. Remember, these are not foolproof and may not be able to identify all the fake websites. It’s best to use these tools with your own observations based on our tips to decide whether a link is legitimate or not.
7
Be Cautious of How You Landed on a Webpage
From where you ended up on a suspicious webpage can tell you a lot about whether you’re about to become a victim of a phishing scam. Unsolicited emails and text messages that scream emergency or promise an insane promotion or discount are often carriers of links to impostor websites. Similarly, social media ads or posts from unknown accounts or even unusual posts (after they get hacked) from known social media accounts can also send you to fake websites.
So, if you reach a suspicious website from any such source, it’s time to pause and take a good look at the webpage before proceeding. If you think you are on a website you know, it’s a better idea to manually type its URL in the browser and then navigate to the webpage you’re looking for.
Convincing fake websites are an unfortunate modern reality. These mirror legitimate websites and use the stolen information to commit fraud. However, if you remain vigilant and know the telltale signs of impostor websites, you can avoid falling into their trap. We have outlined some of the best ways to spot a fake website. But you may also want to know about a concerning PayPal scam, fake ticket scams, holiday scams, and Black Friday phishing scams to prepare for them.
