Significant ways to determine a fake or a fraudulent website
- Pay Close Attention to the URL
Have a look at the URL when you visit a website or before clicking a link and verify whether it is a real website.
URLs of some phishing sites pretend to be quite genuine and safe with the use of appearance of the real site, tricky spellings, sub domains, short URLs and SSL certificates.
- Check Connection Security Indicators
You may determine the safety of a website by checking what protocol it comes with. If the protocol is ‘https’, it is more secure than a URL with ‘http’. Especially when you engage in businesses with e-commerce (online transactions happening) websites, additional security should be considered and prioritized. Therefore, NEVER PROVIDE your personal information or credit card details to a site if you can’t find ‘https’ there.
Among the security indicators, the Padlock icon or the EV name badge / Green address bar as shown below play an important role to certify the connection security.
- View Certificate details
By clicking the padlock icon () on the address bar, you may be able to view certificate details.
When you click Subject in the Details tab of the Certificate, you may recognize what type of SSL certificate (DV, OV or EV) the website of the organization possesses.
If it is a DV certificate the details will just show a domain name. For an organization which has an ecommerce website must have either an OV or an EV certificate to secure your financial credentials. It is easy to identify the difference between OV and EV. SSL Certificates with OV shows the State and the Country name apart from the domain name. EV, going an extra mile, even indicates the Street name of the registered organization.
Here is an example for an organization (SSL) with EV certificate.
- Look for Trust Seals
In addition to verifying the legitimacy of the website, you can check for the trusted marks on the internet. For instance,
Those trusted seals will further assure you that the SSL certificate of the organization’s website is in good standing and be on the alert for malware or other vulnerabilities. Those marks normally appear on homepages, login pages, and checkout pages.
- Consult the Google Safe Browsing Transparency Report
To get a report of a website to determine whether that is safe, you can copy the URL and paste it on The Google Safe Browsing Transparency Report as shown below.
- Expand the shortened links
There are services to shorten the links, since it is sometimes necessary to fit into posts that concern of word limit. E.g. Tweets. However, when a URL is too short, it is a bit complicated to realize the actual destination of the URL. Therefore it is always recommended to expand the shortened links using a service such as CheckShortURL
- The URL may consist of a bunch of strange characters.
Using URL encoding with special characters, hackers make an effort to hide the destination of malware or phishing sites. Then it is not possible to identify the real destination of such URLs unless you have a URL decoding tool. For instance, beware, if you see a bunch of % symbols in the link.
- The links received through unsolicited emails and messages
Most of the time, emails, text messages and pop-ups carry phishing links with content to draw your attention as follows;
‘Verify your information’
‘Do you recognize this log in?’
‘Immediate action is required’
Though you feel that is unavoidable, never hurry to click any of the links without cleverly studying. Simply do not trust them, since they may contain harmful virus.
- Scan the link with a link scanner
- Enable the real-time or active scanning option in your anti-malware software.
Finally, it is always worthy to install an Anti-virus software to your PC / mobile phone and keep it up-to-date. Apart from that you should consider of adding a Second Opinion Malware Scanner to the device you use to surf internet.
We hope that the above facts were useful to you in identifying and determining a fake or a fraudulent website.