Scammers are online tricksters who create super-realistic fake websites. They look like the login pages of your bank, those password reset pages for Amazon and Netflix, or even phony package delivery requests. But anything you type in there goes straight to the scammers who use that information for identity theft or financial fraud.
But don't sweat it. In this post, we will brief you on how these scam websites work, how to detect a fake one (with some examples for good measure), and what to do if you accidentally misstep into one of these scammer traps.
Scammers develop these fake websites to trick you into giving away sensitive credentials like passwords, payment details, or personal info they can use to mess with your identity or steal money. But it doesn't stop there – some fake sites can even infect your device with malware or con you into buying stuff that doesn't exist.
Now, here's the details on how they pull it off:
Fake Online Stores: These scammers set up online shops with deals that sound too good. They plaster ads for these deals all over social media. Once you take the bait and purchase something, they either snatch up your payment info or mislead you into buying inauthentic products.
Fake Login Pages: The scammers design websites that look exactly like your bank's login page and then shoot you a phishing email with a link. Next thing you know, they're conning you into typing in your password and banking details.
Malicious Pop-ups: Hackers sneak malware onto your device through pop-ups on legit websites. Once it's in, they can spy on you or dig through your hard drive for vital info.
Fake Customer Support: Ever get a call from "tech support" claiming they need to fix your computer? Scammers pretend to be these tech experts, convincing you to give them remote access to your computer.
Healthcare Hoaxes: Your health info isn't safe either. Scammers create fake websites asking you to verify your Medicare number or health details.
Package Delivery Shenanigans: With online shopping booming, scammers make fake delivery websites that look like UPS, FedEx, or any other delivery service. They ask you to provide your info or try to steal your credit card numbers.
Bogus Flight Bookings: In a recent scam, fraudsters set up fake flight-booking websites, stealing your info or selling phony tickets.
Long story short, these scammers are leveling up in their game of copying legit websites. Luckily, we have your back with Safe Browsing tips that ping you if you're straying into a sketchy site.
The web's crawling with fake sites, and they're pulling off some grave facade. But fear not, here's the inside info on how you can play detective and make sure you're not falling for a scam:
When the domain name doesn't match the original website for the company, for instance, scammers copycat domain names, throw in extra letters, or tweak things to con you.
Check out these examples of their tactics:
BankoffAmerica.com (extra "f" in there)
Paypal.com.secure-site.com (It's actually "secure-site.com" not "paypal.com")
WaImart.com (sly use of a capital "L" instead of a lowercase "l")
Netflix-support.net (mixing up domains and extensions for that extra confusion)
Delivery.ips.com (sneakily swapping out "UPS" for "IPS" and hoping you won't notice)
Before sharing sensitive info, double-check that you're browsing the correct domain. If you're unsure that it's the official company domain, then you might be tangoing with a fake website.
When surfing the web, look for "HTTPS" at the beginning of the URL, accompanied by a padlock symbol. It's a web's secret safety symbol, pointing to the site using SSL encryption. This little digital badge ensures that the data you share is secure and intruders can monitor it. Scammers have gotten crafty and started SSL certificates on their fake sites to make them look legit.
So, what's the move?
Click on that padlock and dig a little deeper into the security certificate. Look for details like the company's registered name and origin (country, province/state, locality). These are signs of a beefier security setup, known as an "Organization Validation (OV) certificate." It's the upper level of protection, and it's difficult for scammers to fake it.
Scammers do not spend too much time crafting fake websites. Just like sketchy emails and texts, their phishing websites often sway some flaws and slip-ups that original companies wouldn't mess up.
If you notice some wonky spelling or grammar, it's a sign for "Scam Ahead." Legit big shots have armies of writers and editors to remove these typo blunders. If the language feels a bit different or spelling mistakes, don't brush it off as an innocent error. Scammers are probably at play.
Check websites by using the Whois Lookup domain tracker. Enter the URL, and it will show the owner's organization name, country of registration, and how long the domain has been around. If a company claims to be U.S.-based but the Whois Lookup reveals a different country, that's a major red flag.
The Wayback Machine finds archived versions of websites and shows their history. A site that has been used for multiple objectives or suddenly altered is dubious. Legit businesses usually have a uniform online identity.
Scammers aren't Photoshop experts. If the images or logos on a site look like they've been through a pixel blender, that's a red flag. Legit businesses invest in high-res visuals, not pixelated blemishes.
If a site feels like a confusing digital maze, it might be a phony website. Legitimate sites care about user-friendly designs.
If you can't find an "About Us" page or any contact info, that's fishy. And if the only way to chat with them is through a generic contact form, take caution. A genuine business wants you to its location, so look for a physical address and phone number.
Legit online retailers mention their policies on their dedicated web pages. If you can't find a guide on: "How to return an item," that's a scam alert.
Genuine companies follow the rules. They are transparent about how they operate. Look for pages that show the legal info, covering terms and conditions, privacy policies, and how they handle your data. If it's vague about this info, the website might be playing you.
Legit brands keep trades safe and sound. You should always have the option to pay using more conventional and secure methods like credit and debit cards and PayPal. If these options are missing, it's time to hit the brakes. Protect your pennies and choose secure payment paths.
Most original businesses exhibit their things on social media. If you're on a website, and the social media icons lead to nowhere or are just there for show, that's a prominent red flag. Legit businesses want you to connect with them on social media.
Like the Vivobarefoot scam site, clicking on social media icons only allows you to share the site's URL without taking you to their social media profiles.
Reviews can be a powerful way to uncover the truth about a website.
Keep your radar up for keywords like fraud, non-delivery, or identity theft for on-site and off-site reviews. Real customers often share their experiences and warnings about scams.
If the reviews all sound like they're reading from the same script, that's suspicious.
Real shoppers share in detail, whether it's positive or negative. If a review lacks specifics about the product or is overly detailed in a weird way_ it might be fake.
If all the reviewers are relatively new to the platform, that's a red flag.
If there's a caravan of unrealistically positive and generic reviews, proceed cautiously.
Google Search: If the website has no reviews, a quick Google search asking if it's real or a scam can yield valuable insights.
Better Business Bureau's Scam Tracker: The BBB's Scam Tracker is a goldmine for checking a company's reputation. Negative reviews here can be a warning sign.
Shopping breaks and sales bring discounts, but if the price tag is ridiculously low, it's time to check authenticity. Scammers are often lured with low prices or even market counterfeit goods. Sketchy websites can either snatch your financial info or send you shoddy knock-offs.
Check the price of the item on other legit sites offering similar deals.
Use a reliable website checker to verify the site's authenticity.
Stay sharp, be a price-savvy shopper, and dodge those too-good-to-be-true traps.
If you're dealing with identity theft or suspect something fishy, here's a quick rundown of what you should do:
Provide your identity theft insurance or digital security information about the issue. They can guide you on the next steps.
Freeze your credit cards ASAP to stop anyone from stealing your credit file without permission.
Take control of your compromised accounts by updating passwords. For an extra layer of security, flip on two-factor authentication (2FA).
Contact your bank and credit card companies pronto. Report the scam, shut down affected accounts, and ask for new cards and account numbers.
If some payments have slipped through, inform the company that processed them.
Visit IdentityTheft.gov and file an official report.
Fire up your antivirus software and scan your devices for any malware or tools scammers might have left behind.
Sign up for identity theft protection with credit monitoring. It keeps an eye on things and can help in case of any financial losses.
If you come across a bogus shopping site and desire to do your role to keep the internet safe, registering a complaint is crucial. You can reach out to Google or Microsoft, and if you're in the U.S., don't forget about the FTC or the FBI's Internet Crime Complaint Center (IC3). Give them the scoop on why you think the site is fake.
Millions of people fall prey to fake websites every year, and billions of dollars are lost globally. Studies show that vigilance about these scams can reduce the risk by 20%. Identifying a scam can be a challenge. But you can save yourself by following the simple steps provided in this post.
Look for signs like too-good-to-be-true prices, irregular domain names, or a lack of contact info. If the site feels off or lacks reviews, consider looking elsewhere.
Unfortunately, yes, online shopping scams are happening every day. Staying sharp and spotting red flags can significantly lessen the risk.
If it feels fishy, dig deeper. Check for customer reviews, legitimate contact info, and secure payment options. When in doubt, consider shopping elsewhere.
Learn the risks, use robust passwords, update your devices, shop from known sites, and think twice before handing out personal info.
