Phishing emails that advertise fake websites are starting to flood people’s inboxes, and people left and right are falling for the scammers’ tricks. Once they click on the link, they are directed to a website that almost seems legit looking. However, once you give them your account information, personal information, or financial information, that’s when trouble begins. They can then use this information to commit identity fraud or drain your bank account. This is why it is important to know how to spot a scam website and how to tell if a website is fake.
How to Tell if it’s a Fake Website
- Type the name of the website into a search engine.
If the page appears to be at the top of your search results, then this is a good sign. If you still aren’t sure, look for reviews about that website that are not affiliated directly with the website.
- Make sure the website’s connection is secure.
To make sure the website is secure, look for an “https://” encryption at the beginning of the URL. Some browsers will even have something stating “Secure” or “Unsecure” to the left of the URL.
- Analyze the web site’s URL for clues that it might be fake.
A website’s URL should contain “http://” or “htpps://”, the domain name, such as “socialcatfish,” and the extension, such as “.com,” “.net,” “.org,” etc. Any website with “.gov” or .edu” is usually credible, since it means it’s an educational institute or governmental website.
It SHOULD NOT contain multiple dashes or symbols in the domain name. It also SHOULD NOT copy a business website by misspelling it or adding extra characters, such as “s0cialcatfish” or “soc1alcatfish” or “soc1alcatf1sh”. If a website URL ends in “.info” or “.biz,” that’s also a sign that the website isn’t credible. Along with these, also watch out for “.net” or “.com” since they are easily obtainable extensions, though not every website with these endings is fake.
- Watch out for bad grammar on the website.
Poorly spelled words, bad grammar, awkward phrasing, and punctuation errors are all warnings to stay away from that website.
- Make sure the website has contact information on it.
On most legitimate websites, they have a contact page for any questions, suggestions, or comments you might have to the website’s team. If the website provides you with a phone number or an email address, it is probably a good idea to contact the website to make sure that they seem legit before proceeding. It is a MAJOR RED FLAG if there is no contact page on the website.
- Watch out for overwhelming advertising.
If an ad takes up the whole page, there are multiple ads in one page, plays sounds, requires you to take a survey, redirects you to another page, or is explicit in any way then you’re probably on a fake website.
All domains are required to publish contact information for the person or company that owns the website. However, you can register the domain privately. If someone has registered their domain privately, it will state “private registration” as the contact of the website.
- Make sure the company has a social media presence and reviews.
Fake websites sometimes link to social media accounts such as Facebook, Twitter, Snapchat, OnlyFans, or Instagram but don’t link to verified accounts from the actual business. If it’s a well-known business but isn’t advertising the website you are on, then don’t trust it.
If it’s not a known business and they aren’t verified, then read reviews about it on their social media from random users that follow them. Also, look for their employees on LinkedIn. If there aren’t any reviews or employees, then question the authenticity of the website.
Type in the website that you are questioning in the Google Transparency Report search bar and hit enter. The results after you do this will tell you if any immediate dangers have been found on this website.
- Search the website on Better Business Bureau.
Type in the website’s URL onto the “Find a Business” section. Type a location in which the business states its located. Then hit search, then see what results come up and compare it to the website’s claims.
- Avoid any phishing email that is advertising a fake website.
Within a legit-looking phishing email is a link to a fake website that will trick you into providing personal and financial information so they can steal your identity and the money from your bank account.
When you get a phishing email advertising a website, don’t open the link but instead type the URL of the website it claims to be advertising as well. If it’s a company you’ve never heard of or looks suspicious, then ignore the email without clicking on the link. Links like these could lead to identity theft and your money being stolen.
- Make sure there are security certificate details for the website
The security certificate details for each website can determine that your connection to that website is private. This means that a third party website can not eavesdrop on you while on the website to steal your information.
There are many types of security certificate details that you can view in the certificate’s subject. A DV certificate has just the domain name, an OV certificate will only include limited company information, an EV certificate will include detailed company information. However, the preferred type of certificate to look for is the OV SSL certificate which gives you verified business details about the company, which will confirm that the website is real.
For Safari, Google Chrome, and Firefox, all you need to do is click the padlock by the URL, click more information, and then click view certificate to view security details and make sure you are not on a scam website.
Social Catfish is Here to Help You!
At Social Catfish, we want to help you verify the identities of those who might seem suspicious to you. If you have their name, email address, phone number, social media username, or image, you can reverse search and see who the suspected person was that you’ve been in contact with if you think you’ve been a victim of a scam website.