Fightcybercrime.org

Recognize, report and recover from cybercrime.

Is That a Fake Website?

Home » Blog » Reinforce Your Security » Is That a Fake Website?

Cybercriminals often use fake websites to steal your login or personal information or to download a virus or ransomware on your device without your knowledge. A common trick is for a cybercriminal to create a fake website that looks like a legitimate one, such as a bank’s website. Then the cybercriminal sends you an urgent email or text message that says you must log in to your bank account and includes a link to the fake website.

How to Identify a Fake Website

Before clicking on a link or entering any information on a website, take a moment to really look at the website address — that’s the main way to assess whether a website is most likely real or fake. Hover your mouse over the link before clicking on it to see the actual website address, which may be different than what the text says.

A website address, or Uniform Resource Locator (URL), can be long, but they all follow the same, basic format. The “punctuation” (e.g., colon, dots, slashes, question mark, hash mark) are important and separate the parts of the URL.

No matter how long or short the URL, there are only two parts to examine to help identify a fake website:

  1. Examine the website’s domain. It is the most important piece of text for spotting a fake website. Start at the first single slash, then work “backward” (left) to the second dot. If there is no single slash, then start at the last character. The domain should exactly match the website you want to visit. Does it contain a misspelling or other inconsistency? For example, is the domain “mys1te.com” or “myssite.com” instead of “mysite.com”?
  2. Review the website’s extension. The extension is part of the domain. It indicates the type of organization that is sponsoring the website or contains a code to indicate a website’s country. Again, start at the first single slash, then work “backward” (left) to the first dot. Cybercriminals often use a different extension to make a URL look legitimate. For example, the website, “mysite.com” is a totally different website than “mysite.org” or “mysite.ca” (.ca is Canada’s country code).

Branding

footer logo