Fake or scam websites are increasingly becoming a common trend. The Street reports that consumers lose around $283 to $588 for each transaction in false airline bookings while Airlines lose about $2.4billion to $4.8billion each year.
Another popular version of fake website scam is fooling consumers into signing up for counterfeit offers. According to this news article published on NZ Herald, scammers set up numerous clone NZ Herald websites with one of them even promising a mass iPhone giveaway.
The goal of the scammers was to either fool users into signing up for a $115 per month subscription service or steal all the money in their bank accounts.
Now, these types of scams are so sophisticated. Once the scammers have gotten your data, they can do anything with it. From making your account dry or signing you up for a subscription service which is very difficult to cancel, they can wreak any havoc in your life.
If you suspect that you’ve fallen for such kind of scams and blindly gave out your credit card details, your best bet would be to get in touch with your bank immediately. Please explain the issue to them, so they cancel the card and give you a new one.
A good number of unsuspecting internet users fall for these scams because some are a bit more personal. The scammers usually try to capture every minute detail about you to make the fake offer more convincing
Because of this, you should be a bit more careful when browsing offers online. Sometimes it’s all up to you to avoid being duped.
Here’s a breakdown of some of the red flags to look for when you suspect a scam/phishing website in 2020.
1. The Address Bar Says It All
A legit site should have HTTPS instead of HTTP. The ‘S’ here stands for secure and means that the site is using a valid SSL Certificate.
The certificate, in this case, helps encrypt all the data that are shared on the site to protect users from malicious perpetrators that may be looking to intercept and even maliciously modify data in transit.
HTTP might not be the only indicator that the website is fake, but it should let you know that the website is insecure; thus, you shouldn’t submit any confidential data. Apart from the HTTPS, the site will also show a padlock sign.
The address bar may also be highlighted in green in EV SSL certificate type. Most browsers like Google Chrome and Firefox will warn you off insecure sites by displaying a not secure warning when you land on the pages.
2. Verify The Domain Name
Domain spoofing is another popular trick method for luring unsuspecting internet users into falling into scam traps. The scammers assume that you’ll probably miss the spelling mistake in the domain name and proceed to display fake offers to trap you.
Before submitting any data online, be sure to review the domain name to ensure that it’s correct. When not sure about a specific domain name, be sure to google the business name to get the right domain name and address.
3. Odd Spelling And Poor Grammar
Normally, even legit websites may have occasional grammar or spelling mistakes. For fake or scam websites, though, in most cases, these mistakes and errors are put intentionally.
Here’s the reason why;
A scammer’s primary goal is to make quick money. Because of this, he/she is not interested in people who will respond to their offers but those that will fall prey to their traps.
Because of this, most scammers skillfully insert enough clues to extract responses from people who are not sufficiently susceptible to fall for their baits. They also know that most people are not great writers; therefore, they assume that the target would relate and build a rapport with them outright.
Keep off websites with too many grammar mistakes and odd spellings.
4. Check The Website’s Domain Age
Most consumers do their online shopping during the holidays with Cyber Monday and Black Friday being some of the busiest times of the year. The cybercriminals know this and therefore tend to quickly setup clone websites of significant businesses to steal from the consumers during these times.
One of the quickest ways of detecting a clone website of a reputable brand like Amazon is by checking at the domain name spelling; for example, it might be written as Amaz0n instead of Amazon.
Others may be difficult to spot like in the case of the cloned NZ Herald Website. The cloned website even had a fake article announcing an Apple giveaway for iPhones 11 pro.
It also featured an alleged ‘fire’ incident and an advertisement where the iPhones were being given out for free because they couldn’t be sold with damaged packaging. The advertisement in the misleading article was designed to direct the target readers to another fake malicious Apple website. On this phony website, it was purported that you can buy an iPhone for just $1 when their main goal is to steal your credit card details and pin when you attempt to make the purchase.
You can avoid these traps by checking the web site’s domain age, so you know the period it has been active. A simple tool that can help you verify a domain age is the Whois Lookup Domain Tracker.
It will give you all the relevant information that pertains to when the domain name was registered, the location and most importantly, the total duration when the website has been operational among other details. These data should help you distinguish a legit site from the numerous clone websites that are set up to steal confidential user data.
5. Look For Security Trust Seals
Security trust seals are like trust badges. They’re displayed on websites whose owners have invested in customer’s security.
You’ll most certainly come across them on pages like login pages and checkout pages etc. They’re easy to recognize and serves as valid proof that any data shared on the website is safe.
Here’s another twist; People already know what these badges mean, and it’s possible to proceed to submit confidential data on any website with such seals without checking whether the badges displayed are legit or not.
In a bid to fool targets, a hacker can easily copy and paste or download the trust badge images and randomly display them on the fake websites for you to see. The difference between a legit and phony trust seal, however, is that the legit ones are clickable.
When you click on one, it will open to show that the SSL Certificate used on the website is valid and in the right working condition. It will also give you insight into the additional security mechanisms that have been used to ensure maximum security on the site.
So, when you spot a trust badge, be sure to click and open it to confirm that it’s legit.
There are numerous scam and fake websites on the net. It all depends on whether you can spot the flaws to avoid being duped or not. When not sure about a website’s security, google the website, and you’ll get all the information you need. Trust your browsers and don’t overlook a security warning on your browser when browsing the internet.