One of the preferred ways for cybercriminals to deceive their victims is the fraudulent use of websites. They often impersonate a company or organization to make a profit, creating a fake website for their illegal business so that users “bite” and expose their personal data and/or credit card details. In this tutorial we explain how to detect a fake website set up for scams and fraud.
Introduction: what are phishing attacks
With a phishing attack, cybercriminals essentially seek to steal our credentials and passwords. They do this by sending a message that impersonates a company or organization.

The message that reaches the victim may contain a malicious file or simply a link that leads to a fraudulent website. The objective is for the victim to log in and so hand their account data to the attacker. Some of the latest phishing attacks affect banks, social media, Microsoft, and email accounts.
How to avoid phishing attacks
Avoiding them basically comes down to using common sense and applying what we explain in this tutorial. It is very important to analyze the URL and the content in order to detect a fake website, looking for the signs described in this tutorial, such as spelling mistakes and many more. Another reason for suspicion is when the message plays on urgency and asks us to take an action before a certain time, or otherwise our account will be closed.
Another very important point is not to open or execute the attached file that comes with this type of attack, because it could infect our computer with malware. In addition, we must keep our computers updated with the latest patches and updates, and have a good antivirus.
Some of the most important points to detect a fake website are:
- Study its URL (domain) by looking at the address bar of our browser.
- Identify the owner of the website.
- Study the content of the website and the payment methods it offers.
- Use free tools to detect a fake website.
Now we are going to go through them one by one and explain which details of the website we have to look at.
Study of its domain
The best way to understand this is to take a legitimate website as an example. That way we will know what we should find on any website that offers minimum guarantees. In this case we are going to use a bank as an example, specifically BBVA. Banks are usually among the best examples of legitimate and secure websites that we can find.
A digital certificate issued by an authorized certification authority (CA) gives us guarantees that the web page we are on is legitimate. However, this is not always the case: cybercriminals use certification authorities such as Let’s Encrypt to add HTTPS to their websites, so that browsers verify their digital certificate as legitimate.
Here is an example where a URL appears in the address bar. Also, if we click on the padlock icon, it will give us additional information.

Here we can see that it is a secure connection and has its corresponding certificate.
Another thing that we can take a good look at is the URL. We select it completely, right-click and choose copy, and then paste it into a text file. In this case we can see that it is of the https type, which is used by the websites that encrypt data and that we call “secure”.
As you can see, all traffic is encrypted and the connection is secure. However, the fact that a website uses HTTPS and the connection is secure does not mean that the website is real. It can perfectly well be fake and built for fraud, with the cybercriminals having correctly configured the HTTPS protocol and its corresponding certificate to try to slip past us.
Then we have the http type. The connection to these websites is not secure, although this does not mean that they are not legitimate. However, if it is a website where economic transactions are carried out, it is not a good sign. Either because those payments are exposed or because it is a scam, it should not be used for payments. Therefore, on this type of website it is not recommended to enter confidential information or make purchases.
Finally, if a website uses HTTP and asks you to enter user credentials or credit card details, it is very likely that it is a fake website built for fraud. The use of HTTPS is a good indication that the website is legitimate, but you should still be careful and check that the domain really belongs to the bank or website you expect, because HTTPS alone does not mean that the site is legitimate.
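The checks described in this section (scheme, and whether the domain really is the one we expect) can be automated. The following is an added example, not part of the original tutorial; `check_url`, the warning codes, `bank.example` and the `.test` hosts are constructed placeholders, and `expected_domain` is assumed to be the registrable domain of the site we intend to visit.

```python
from urllib.parse import urlsplit

def edit_distance(a, b):
    # Levenshtein distance, used to spot one- or two-character lookalikes.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_url(url, expected_domain):
    """Return warning codes for `url`, given the domain we intend to visit."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    expected = expected_domain.lower()
    warnings = []
    if parts.scheme != "https":
        warnings.append("not-https")            # data would travel unencrypted
    if parts.username is not None:
        warnings.append("userinfo-in-url")      # text before '@' is not the host
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode-label")       # may render as lookalike characters
    # Legitimate only if the host IS the expected domain or one of its subdomains.
    if host == expected or host.endswith("." + expected):
        return warnings
    warnings.append("domain-mismatch")
    if expected in host:
        warnings.append("expected-name-in-hostname")  # e.g. used as a subdomain
    # Compare the rightmost labels (the part that decides ownership) with ours.
    n = len(expected.split("."))
    tail = ".".join(host.split(".")[-n:])
    if 0 < edit_distance(tail, expected) <= 2:
        warnings.append("lookalike-domain")
    return warnings

# Constructed sample URLs; bank.example and the *.test hosts are placeholders.
SAMPLES = [
    "https://www.bank.example/login",
    "http://www.bank.example/login",
    "https://bank.example.secure-login.test/login",
    "https://bank.example@login.test/",
    "https://bamk.example/",
    "https://xn--bnk-rqa.example/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", check_url(url, "bank.example") or "no warnings")
```

An empty result only means the URL points at the expected domain over HTTPS; the owner and content checks in the following sections still apply.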
Information about the owner of the website
By law, the owner of a website must be correctly identified. They must also comply with a privacy policy. To preserve our rights we have the General Data Protection Regulation (GDPR), so that companies keep our data safe. One thing that can be observed on a legitimate website is that it asks us for permission to use cookies.
If we want to know who the owner of a website is, we usually find that information at the bottom of the page. On the example website I selected earlier, we can see this:

If we click on Legal Notice we will obtain these data:

Here we can see that it offers detailed information about the company, including important data such as its tax identification number or CIF along with its address. Companies that commit scams usually do not offer such detailed, verifiable information.
When we do not know who the owner of a website is, or we want to cross-check that information, we can resort to two websites. The first is the Nominalia website, where we can look up information about a site. This time we will use a different website as the example: in the domain name field we type marca.com and it returns extensive information about this famous sports website.

Now we are going to use a different one, this time with the intention of cross-checking the information. The second is the WHOIS tool, which allows us to find out the ownership of an Internet domain. However, with the GDPR the WHOIS data is no longer public because it is considered private information, so we will not be able to know for sure the owner of a website if it is on European “soil”, but it will be useful for other websites outside our borders.
Study the content of the website in search of anomalies
In addition to identifying the website and checking whether it uses HTTPS (although the latter does not guarantee that it is a legitimate website), we have to look at more details. One very important sign is flaws in the use of language. If we find spelling mistakes, it can be an indication of a fake website. They can be a sign of translation errors, as can a missing letter ñ.
However, that’s not the only thing:
- We get in touch with the seller and they reply in another language.
- They ask us to make a bank transfer by sending an e-mail.
- They address us with formulas such as “dear customer” rather than by our own name.
- Abnormally low prices.
- They bypass secure payment methods, like PayPal.
Here we have the example of the security established by a company of recognized prestige to make payments.

As you can see, it accepts VISA and Mastercard credit cards and transfers and, in addition, it protects transactions with an SSL certificate. At the time of payment you have to be attentive and check that the https security protocol is used.
Free tools to detect a fake website
Browser JSGuard, an extension for browsers
Another option that we can use to detect a fake website is the installation of an extension in the browser. One of those that we could install is Browser JSGuard.

The moment we enter a suspicious website, it will notify us so that we can leave it immediately. To install Browser JSGuard, we only have to add the extension to our browser; it is available for both Chrome and Firefox. We must remember that both Chrome and Firefox are currently also capable of detecting fake websites, but if a fake site has only existed for a short time, we will not get the typical danger message with the red screen.
ScamAnalyze to detect scam websites
The ScamAnalyze page will allow us to analyze other websites to check if they are legitimate or not. On the main screen we enter the domain of the page that we want to check and we search.

Next, it will show us if that website is secure or not along with other data.
As you have seen, we must be extremely careful when we are going to enter payment data or personal data on websites that we do not know, and check everything we have described here to make sure we do not fall into the hands of cybercriminals.