When people hear phishing they picture fraudulent emails, or scam calls. But phishing could also come in the form of a website. Someone designs a site that looks like your banks official site or the Ray Bans store and when you plug in your sensitive information it’s sent directly to the hacker. Then you’re redirected to the real site, probably thinking it was nothing more than a glitch.
Make sure you check the URL of the site if you need to punch in your login information to make sure that you are on the right website. Phony sites will be able to recreate a site and use official logos, but you will be able to find discrepancies in the link. But as a rule of thumb you should type out the web address for the accounts you need to keep secure like your bank’s website, rather than google searching it and potentially opening a scam website.
Too good to be true
Probably the biggest culprit for fake website scams are those posing as bargain shopping sites. They put up logos of big companies like Ray Bans or Michal Kors and offer up crazy discounts that look too good to be true. Well, they are. If it seems too good to be true, it probably is, and you should get off that website. A lot of companies sell their stuff on third party sites, but is the URL is something you’ve never heard before its better to be safe than sorry. These website scammers can create a fully functional website in just a few days, and they know how to make them look legit. But those sales that make you practically droll can lead to some serious headache if you are not careful. Legitimate vendors never discount their prices heavily unless they are looking to purge inventory fast, and that’s usually old stock that’s been sitting around for a while. If you see a heavily discounted item that is brand new that should immediately bring up a red flag.
Do you even grammar?
Grammar and spelling are something that a lot of scammers don’t pay a whole lot of attention to. The more sophisticated ones will, but usually some stuff falls through the cracks. If you’re one of these scam websites and you noticed some funky wording, it’s probably not a legitimate site. Big corporations have entire teams that comb over every bit of text that goes up on their site with a fine-tooth comb, you’ll be hard pressed to find any mistakes. These websites are often created in countries where English is not the native language and so we see a lot of spelling and grammatical mistakes.
If you doubt the authenticity there are a few things that you can do. For one, you can use WHOIS to check the owner of the website, something that GoDaddy offers. If the Registrant information checks out then you have nothing to worry about, but if it looks fishy you can avoid it in the future.
If you feel as if you might have shopped in a fake site, or put in your login info into it what should you do? The first step should be to change all your logins to avoid getting locked out of them and keep an eye on your bank statements. You can also look into identity theft protection, which if you get a lot of phishing emails may be worth the cost. Or make sure that you have multifactor authentication set up on your accounts. Your IT provider can help you go through the options to find the perfect solution for you.