How to Spot a Fake Website

How to Spot a Fake Website

Have you ever been surfing the web and seen something that warns you that an account of yours, like your bank, has been hacked? Or maybe you were checking your email when you see a message from a department store you shop at that warns you of changes to your account that you need to verify?

These are just a few examples of the kinds of trickery a phisher (scam artists who try to get you to reveal sensitive information like credit card numbers, bank accounts, etc.) will use to get your sensitive, personally identifiable data from you. And they’re great at it.

One of the more popular method used by phishers to scam you is to hire a web developer to create a fake web site to do all of the phisher’s dirty work. Because it’s relatively simple for a decent web developer to copy another web site, it’s very easy to be fooled with a fake web site if you don’t know what to look out for. These fake sites are even more convincing when you see the name of your bank or some other online service in the URL (commonly know as the Internet address, or “web site”); but there are simple ways to spot a fake web site.

Common URL set ups

All HTTP URLs (i.e. your basic web site) follow a common format:

http://domain.tld/

For example:

http://example.com/

The “domain” is the actual domain name (e.g. “example”) and the “tld“, or top level domain, is the “com” portion.

The actual domain and the tld (e.g. “.com“, “.net“, “.org“, etc.) will always be the last parts of the URL before the first single forward slash (“/”) or a question mark (“?”) in an Internet address. Find that, and you’ll immediately know if you’re where you think you are online.

It’s important to note that a domain can have sub-domains before the “domain.tld“, such as our own http://stopsign.com/blog/, but only the real domain owners will be able to use the domain.tld format as described above to build/use their web site.

How to spot a fake or scam web site

Spotting a fake site is as simple as looking for the domain.tld (in the right place) in the URL. If your bank is Chase, then you would expect to see http://www.chase.com; but if you saw http://www.chase.com.example.com/ then you know that you’re not really on chase.com; you’re on example.com. This is one of the most important ways to tell a fake website from a real website!

Examples of valid example.com URLs:

  • http://www.example.com/
  • http://example.com/
  • http://blog.example.com
  • http://www.example.com/blog/
  • http://www.example.com?string

Examples of invalid example.com URLs:

  • http://www.example.fakeurlgoeshere.com/
  • http://example.fakeurlgoeshere.com/
  • http://www.example.com.fakeurlgoeshere.com?string

Did you see how all of the valid URLs have “example.com” before the first single forward slash and/or the first question mark? That’s the key to knowing what is real and what is a scam.

Learning how to spot a fake website is relatively simple, will save you a ton of frustration, headaches, and maybe even money. Make sure you know what you’re really clicking on, or you could wind up as the victim of a phisher or an identity thief.

Image courtesy of geekandpoke

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

About Jon

Jon has worked in the tech industry since the pre-Bubble dotcom days and still has a 1200 Baud modem somewhere in his garage. When he's not advocating the use of strong passwords and being smart about social media, he's working on finding new ways to convince his wife that bacon is a vegetable which should be eaten with every meal.

Trackbacks

  1. [...] got a blog post on “How to Spot a Fake Website” that can help you figure out what’s real and what’s a [...]

  2. [...] up a fake website that copies an online store or charitable website. Check out our post on “How to Spot a Fake Website” for additional details on how to know which are fake and which are [...]

  3. [...] inbox or anywhere online! Scammers are already hard at work sending phishing emails and setting up fake web sites, trying to get people to reveal personal and/or financial information for the Census. Do not [...]

  4. [...] that you’re on to make sure you’re on the real site. See our blog post entitled “How to Spot a Fake Website” for more [...]

  5. [...] and downloading from, the site you’re actually supposed to be on. You can learn more about detecting fake websites in one of our previous blog [...]

  6. [...] on Twitter.com and not some scam website. Learn more about how to figure out if you’re on a fake website or a real one on the StopSign [...]

  7. [...] already discussed how to spot a fake website, but now you’ve also got to tie that into the first item in our post “5 Simple Tips to [...]

  8. [...] online, make sure you’re really on the web site you think you are on. Read our “How to Spot a Fake Website” post to learn [...]

  9. [...] is the real website, but in actuality, it’s a very convincing fake.  These lookalike or “spoof” websites appear to be the real thing, so much so that you could easily be lulled into providing your [...]

  10. [...] no wonder. But fake websites and non-secure shopping can put a damper on anyone’s day. Learn how to tell if you’re shopping on a legitimate website to avoid trouble online. It’s not just shoddy workmanship we have to watch out for when we [...]

  11. […] your kids how to check for secure sites, setting up a good password, and things of that nature. Good habits start now, and teaching your […]

  12. […] Search Engines for Your Kids • How to Spot a Fake Website • Great Tech Expectations: What Should Elementary Students be Able to do and When? • Boolify […]

Speak Your Mind

*