In the this digital era, almost every aspect of our daily lives is mirrored on the Internet via social & professional networking sites, banking portal, e-commerce portals et al. You log into these sites and part with all the crucial information like credit card details. This personal data translates to moolahs for cyber criminals and fraudsters. They set up fake websites to deceive unsuspecting people. But it is not only fake websites that want to steal your financial information –there are fake social media profiles also whose goal is to just create nuisance.
After investigating fake websites, phishing and other fraudulent websites, I realized they are actually easy to identify as most of them have common traits to look for. This article will help you identify the fake websites. So no more duping!
Protect your Data
With day-to-day life becoming increasingly dependent on the Internet, the ability to detect fraudulent or fake websites is becoming all the more important. Always be careful who you trust with your information, because most online transactions are vulnerable to scams like phishing, cheating by fraudulent websites and charities, spam and phishing emails, pop-ups etc.
You do not want to enter secret data like bank details, credit card details, passwords etc. into a website that will outrightly steal it. I have seen many such fake websites. It is scary to see so many such fraudulent websites as their sole purpose is to steal information.
Fake Websites: How to Identify Them?
So, how do you know if a website is legitimate and if it is safe to part with your personal data? In this section I will share a list of common traits to look for to assess the authenticity of a website.
Domain Name
Some fraudulent websites use a domain name similar to a brand name. For example www.fabindiadiscounts or www.clubmahindraoffers (these are not real websites but just examples). When you look at such URLs they appear to be authentic because of their association with reputed brands. But it is unlikely that such big brands will create a separate website for their discounts/offers. Their own websites receives hundreds of thousands of visitors every day — so they would offer such discounts on their own website rather than on a new one.
You can perform a Google search for the domain name. A real website will have references from other websites as well. In Google search if you do not find any such reference from other websites, be careful you are about to be duped! The website could be fake!
To avoid trouble from fake domains, always look at the domain name of the site you are on. If you get an email from your bank or other online vendor, do not click the link in the email. Instead, type the domain name in your browser to ensure that you are connecting to the real website.
Missing Contact Information
Any website that does not include contact information but includes a form to fill in with your personal details could potentially be a fake website! Check that the contact address on the website and the one in the whois lookup matches. A company that offers services and products must have an address, phone number, a privacy policy and an email id to contact them. If the website is selling products then check for its return and shipping policy. If it is missing, they only want your details!
Here is an example I found from a fake website (of a psychic) that does not have any contact details but wants all your personal details to change your destiny.
Check the Contact Information if Available
If the contact details are available, check for the authenticity of those details. Call on the phone number given, email them to check if it really works. If no one attends the call during normal working hours or the call is diverted to automatic voice messaging or if email bounces — you better be cautious.
Check for Language and Grammar
Language of a website can give an idea about the quality of the website. Most websites are in English language. Check the language, spellings and grammar. Atrocious content and too many spelling mistakes mean an obvious fake website. Not only the website content but even the testimonials published on the website could be full of grammatical mistakes and with unbelievable claims.
Carefully look at the content and photos on the website to make sure they are original and related to the company’s products and services. Legitimate websites always publish original and authentic content and will never copy contents from other websites. The fake Indian websites mostly use pictures of Western males and females to lure people. It is a common trait to look for in the work from home sort of websites. Such websites often provide a contact address which is unheard of. A company located in a god forsaken place has satisfied Western men and women for their “work from home” projects? Hard to believe, right? So don’t! Any website that claims to offer jobs, freelance projects, work from home options and asks for a paid registration or a one-time payment for training or project kit should be avoided!
Checkout the Address Bar
Check if the site is verified by Google. Most safe websites will be verified, and the address bar will display either a location or a safety ranking. Look at the website address in the address bar of your Internet browser. Verify that the website or links do not jump to a wrong page.
To check if the website is safe for browsing type:
https://transparencyreport.google.com/safe-browsing/search
in the address bar (replace example.com with the site you want to test. Google will give a report about the website. When I tried checking the safety ranking of the fake psychic website, Google reported No available data for the site.
Read through the website’s terms and conditions before doing business with them. Verify if the terms and conditions make sense.
Check the WHOIS Lookup
Do a domain WHOIS lookup to see who owns the domain. The lookup will tell you the registrar, domain creation and expiry date, and contact details. As I have said that the fake website mentioned above did not include contact details on the website. However, using the WHOIS lookup, it was easy to confirm that the domain was owned by a company in Kirkland (USA), while the so called psychic is Haryana based. Her email id too was fake, it included only junk characters.
Another key thing to look for is how long the domain has been active. In this psychic’s case, her website has been active since 2013 and probably because of that she continues to dupe people. I was directed to this fake website by a survey email from Planet 99 for the broadband service that I am using.
Beware of such surveys or free offer emails that lure you to the scam websites. You can also gather few additional details like reputation reviews, HTTP secure, trust rating, popularity by checking the website on Scamanalyze. The fake psychic’s website was declared as unsafe.
Check the SSL Certificate
Verify that the website’s checkout or payment page is Secure Sockets Layer (SSL) secured to protect your credit card number and other personal information you enter. SSL secured pages begin with HTTPS instead of HTTP at the beginning of the web address. SSL secure your data as it is passed from your browser to the website’s server. Companies need to go through a validation process to get an SSL Certificate.
Fraudsters usually buy a DV certificate for their website and try to trick users by sending phishing emails or other methods to purchase items or log into their accounts on the mimicked phishing site. DV – Domain Validation is the lowest level of validation that just validates the ownership of the domain and not the legitimacy of the organization requesting the certificate. In other words, if the fraud domain owner of www.fabindiadiscounts requests a DV certificate, it will be provided because the fraudster owns the domain.
The highest level of validation, Extended Validation – EV, is the most trusted and extensive. An organization opting for Extended Validation must prove its identity and legitimacy as a business. A site with an EV certificate has a green address bar with a padlock icon as illustrated below.
There are many sites which appear genuine till you get duped. There are many fake job sites and psychic sites that first lure you with free kits and readings and then lure you to pay. Such sites send a link for payment through a payment gateway. After the payment is made, such sites do not respond. Watch out for such fraudsters!
Now that we are heading towards a cashless society, it becomes all the more important that you protect your data. Else, before you know, the fraudsters will really make your account cashless!
Following the above mentioned guidelines will help you safeguard your personal and financial information.
Should you have any questions or comments on this topic, please feel free to ask in the comments section. We at TechWelkin and our reader community will try to assist you. Thank you for using TechWelkin!
Leave a Reply