Learn to Identify and AVOID Fake Websites
Identify theft is real and is a thriving enterprise. Fortunately, there are steps you can take to reduce your risk. Many of those steps have to do with the types of websites you visit. In some cases, as much as clicking on the link of a fake site can release sensitive personal information to digital scammers. Protect yourself and your identity by following these best practices!
Digital “scammers” try to trick you into exposing your personal or financial information – and they get more sophisticated every day. Watch out for these tactics:
1. Missing or Fake Navigation: Low-quality graphics or limited navigation; site doesn’t look as you’d expect.
Legitimate company websites feature a “navigation bar,” which includes ways to contact them. Today, sophisticated scammers are adept copycats – mirroring the sites they impersonate. If you suspect a spoofed website, open a new browser window and directly type in the URL for the website you want to visit, then navigate to the link relevant to you.
2. Fake URL: Slightly misspelled variations of well-known sites.
Always check the entire domain name, not just the beginning. Some scammers add extra characters to legitimate domain names. Here are some examples of spoofed URLs, using the hypothetical business: “Company”- http://www.company.useraccount.com or http://www.comp.any.com
Legitimate URLs should start with “https” to indicate a secure connection.
Don’t fall for fake websites that use a different domain extension than the legitimate business or organization you’re looking for! Be especially careful when clicking on search results. Example: .com or .org?
Also, be aware of URL “shorteners,” which legitimate companies or organizations rarely employ. Reference a service like https://linkexpander.com to retrieve the original URL from a shortened link before clicking on it and visiting the destination.
Be vigilant and educate yourself by searching online for the latest scams. If you feel uneasy, call a company directly.
3. Fake Form Fields: Additional fields requesting more than your username and password.
These can be designed to mimic the real thing. If in doubt, enter a fake password, since most phony sites will accept false information. Tip: Use “two-factor authentication” when available. (This is when a site requires username and password AND an additional verification code or identifier, which is generated by the site and provided only to you.)
Source: Buffini & Company