Cyber Security News

Top 7 Ways to Spot a Fake Website

The Internet is an extraordinary tool that connects us to a world of knowledge, entertainment, and opportunities. However, it's also home to numerous potential hazards, one of which is fake websites.

A fake website is a fraudulent online platform created with malicious intent, often designed to deceive users by imitating the appearance of a legitimate site.

Its primary goal is to collect sensitive user information such as credit card details, passwords, or other personal data. This could lead to identity theft, financial loss, or other forms of cybercrime.

Sometimes, these sites may also distribute malware, harmful software intended to damage or infiltrate a user's system without their consent.

According to the Australian Competition & Consumer Commission (ACCC), Australians lost $9.2 million to this type of scam in 2022.

Here, we'll guide you through seven key signs to help you identify a fake website and what to do if you suspect something is 'not right' about a website.


Check for HTTPS and the Padlock Icon

When visiting any website, check for 'HTTPS' at the start of the website's URL. This 'S' stands for secure, meaning that the website encrypts the data sent between you and the site.

Additionally, a small padlock icon should appear next to the URL, further indicating a secure connection.

Beware though; while most legitimate sites use HTTPS, some fake sites might use it too, so don't rely on this indicator alone.

If you want to dive deeper on this subject, you can read our blog article about it HERE.


Verify the Domain Name

Scammers often use domain names that resemble those of legitimate websites but with minor spelling mistakes or extra characters.

An old, but still worthwhile example, was, as opposed to Easy to miss...

Always double-check the spelling of the domain name, and beware of names that seem overly complicated or include excessive numbers or special characters.


Evaluate the Website's Design and Content

A poorly designed website can be a red flag.

Legitimate businesses typically invest in professional, functional websites. Look out for low-quality images, grammatical errors, broken links, and incomplete or missing contact information.


Look for Secure Payment Options

Legitimate e-commerce sites will use secure, recognisable payment methods.

If a site asks for direct money transfers or does not offer options like PayPal, Visa, or Mastercard, be wary.


Read User Reviews

Before making any transactions or sharing personal information, it's always a good idea to look for reviews from other users.

Remember, the absence of reviews is as telling as a slew of negative ones. Always be careful when dealing with a site that either doesn't have user reviews or has predominantly negative feedback.


Research the Website's History

If you're determined to use a site but are still not sure if it's okay, services like the Wayback Machine or WHOIS allow you to look up a website's history, providing information about its creation date and ownership.

Newer websites or those with opaque ownership may warrant more caution.


Trust Your Instincts

Lastly, if a website seems too good to be true, it probably is.

Offers of free items, significantly discounted prices, or other tempting deals could be attempts to lure you into sharing your personal information.

If it looks like a duck, and quacks like a duck, it's probably a duck. Always trust your instincts.

What to do if you suspect something is 'not right' about the website?

The best action to take is to leave the website immediately - don't click on any internal links or provide personal information.

Avoid using the contact information provided on a suspected fake website, as it can be part of the scam. Reaching out through these channels may lead to other deceptive tactics, and phishing attempts, or even increase your exposure to spam and malicious software.

To verify the contact information of a business or an organisation, you should independently research the company through a trusted search engine, or use established online directories or databases.

And be sure to report the site to the Australian Cyber Security Centre so that they can make an assessment. You can use this LINK to report a scam.

You can report fake websites and websites suspected of hosting or distributing malware to Google for review.

Remember, the Internet is an invaluable tool, but by staying alert and following these tips, you can enjoy a safer, more secure digital journey.