It’s a sad fact that it’s getting easier and easier to be defrauded these days. Gone are the days where all you have to do is ignore phone calls from unrecognised numbers, knowing that it’s probably a telemarketer.
These days, we have to be aware that every website that we visit and every email we get may be an attempt to lure us into sharing sensitive information, like our credit card details or our personal identifiers.
Often times these websites are replicas of the official website, and we may receive an email that looks legitimate, giving us some valid reason as to why we should follow a link and visit that site.
Here’s a tip. No matter how legit an email looks, don’t follow links in emails without verifying that they will take you where you expect to go. Those emails that look like they’ve come from your bank or PayPal? They probably didn’t. We’ll get into how to identify the scam a little further later.
One of the most popular forms of fraudulent websites is fake retailer websites. As mentioned above, as with emails you may receive, these websites are set up to replicate a genuine retail store. They may even steal logos from official websites.
In many cases, the goods offered will be luxury items at unbelievably good prices. Perhaps jewellery or electronics. Handbags are another popular item. There are two possible outcomes when you place an order with one of these sites—you may receive nothing at all, or you may receive a fake item.
Either way, you have no recourse, and you haven’t got what you thought you’d get.
Another new and popular way of doing this is setting up fake stores on social media platforms. You often see them on Instagram—their sole purpose is a type of smash and grab. They make a lot of sales, take your money, and then they disappear.
Here’s a list of the top countries involved in online fraud, and some of these might surprise you:
- Indonesia
- Venezuela
- South Africa
- Brazil
- Romania
Here’s an interesting fact about Australia in all this. In 2017, more than A$340 million were reported lost by victims of fraud. The Australian government also has a Cybercrime Online Reporting Network which centralises this stuff, but unfortunately by the time they’re aware of it, it’s usually too late for some people.
Knowing how to spot a fraudulent website is a great asset in living online. Using a great VPN is another way to protect your identity online and we’ve got a way for you to find the best VPN for Australia, or for whatever country you live in.
How Can You Spot a Fraudulent Website?
One of the biggest warning signs is when an online retailer recommends payment in the form of a money order, wire transfer, or some sort of pre-loaded money card. If you do make a payment using one of these methods, it’s very unlikely that you will receive your item, and it’s virtually impossible to get your money back.
So if you’re shopping somewhere and they don’t offer the standard payment options, be suspicious.
Too good to be true is more than just a saying. Any product that’s being sold at an unbelievably low price, or is touting unbelievable benefits, is likely too good to be true. In reality, avoid at all costs. If some product is telling you, you can lose 100 pounds in a month, that falls into the unbelievable benefits category. The only thing you’ll shed is some money.
Any legitimate store will provide a privacy policy, will be upfront about their terms and conditions are, and what to do in case of dispute. And they will most certainly provide their contact details. If you find a site that doesn’t provide any of this information, or the information appears to be a bit sketchy, run away.
Further Steps to Avoid Fraudulent Websites
These steps are a little more technical in nature, but being aware of them will help you stay safe online.
Get to know the URL or address bar in your browser as it contains all sorts of vital information about how secure the website you are about to visit is.
Many Ausdroid readers will know how to read a URL and what it means, but friends and family members may not. Teaching them these simple tricks may help them avoid a scam.
In these days of cybercrime, it’s imperative to pay attention to this address. Favicons—that’s the little icon that appears to the left of the URL—and actual web content can be filled in by an attacker and are not controlled at the domain level. So just because you see a favicon that matches a known retailer’s website, or the content of the website itself seems to be from a legitimate retailer, that is not necessarily true.
Remember, the purpose of a phishing website is to confuse you, so it will look as close to the real thing as possible. One of the best ways of avoiding these types of sites is to always confirm that you are on the right domain. And here is the breakdown of a domain, using PayPal as an example.
www.PayPal.com
In this example, www is the sub-domain, and PayPal is the domain name, and .com is the top-level domain (TLD). Anyone can create a sub-domain of any name. If a domain name is taken, it can’t be used elsewhere. So a phishing site could create something like paypal.online.com where PayPal is the sub-domain of phishing site.
This might look legit, but it definitely isn’t. Many online banking scams in Australia use this method to disguise the attacker website as a legitimate website; look carefully and you’ll spot it.
It’s a little confusing, but just make sure the part before the TLD (.com, .net, .co.uk and so forth) is the site you really want to be on.
Also look for the indications of a secure site. Especially on e-commerce websites and banking / finance websites, look for a green padlock with the name of the company next to it. For example, you’ll see this on accessing the real PayPal or Commonwealth Bank websites:
If you’re transacting online, and you’re getting warnings about a site not being secure, or a site that you know should be secure (like your bank) for some reason doesn’t have that SSL indicator, chances are you’re not accessing the right site. When it doubt, don’t do it!
This article is a sponsored story from VPN Pro in the UK.
VPNs are helpful, especially if youre using someone else’s WiFi.
On phone, use Blokada.
On desktop, use OpenDNS or AdGuardDNS