SSL

How to Recognize Fake, Fraudulent or Scamming Websites

July 12, 2017 | By Kimberly Reynolds

SSL Certificates offer websites web security and protection from identity theft. But unfortunately, with the rise of free SSL services and recent changes to browser indicators, it is becoming easier for hackers with malicious intentions to impersonate genuine websites (sometimes in a legitimate manner by obtaining SSL Certificate) and thus swindle valuable information from online users.

So at a time when fake websites are successfully duping Certificate Authorities (CA)s into granting them SSL Certificates, it’s worth becoming aware of some of the signs to look out for which fake websites will have a hard time replicating and thus stay away from being robbed out of precious information.

EV SSL Certificate

Here are some suggestions for determining if a website is Fake, Fraudulent or a Scam:

1. Focus on the URL: The simplest thing to do and yet most of us ignore it. The moment you enter a website, look up its URL or address bar, as this will contain a number of signs indicative of the fact that the website is a secure one or not. These signs are also commonly known as “connection indicators” as they let you know whether your connection to the website is private or not.

A website having an SSL Certificate, and is therefore secure, contains the following signs:

  • HTTPS: These letters in the URL indicate that the communication protocol being used by the website is a secure one which cannot be intercepted, manipulated or stolen by malicious third parties. Simply put, HTTPS is HTTP protocol (which is insecure as stand-alone) + SSL technology, which makes the website’s communication protocol more secure and hack-proof. Therefore HTTP = Bad while HTTPS = Good.
  • Padlock Icon: This icon in the URL is also indicative of the fact that the website you are interacting with is a secure one. In other words, the website possesses an SSL Certificate and uses the secure HTTPS Website security protocol for communication.
  • Green Address Bar: While all secure websites have the HTTPS and padlock icon in them, a few will have an additional “Green Address Bar” as well. This sign appears only when websites use a specific type of SSL Certificate known as Extended Validation (EV) Certificate. These certificates are issued only after rigorous background checks and therefore serve as an un-impugnable proof of identity.

2. Focus on the URL Structure: Another dead giveaway that a website is fake one can be found from its URL structure. A genuine website’s name will have the following format “http://domain.tld/”, where “domain” is the “registered domain name” and TLD stands for top-level domains like .com, .net, .org etc. Example: https://example.com./

Now a fake website will never be able to replicate a genuine address like this, especially the final part where the registered domain name is immediately followed by the TLD. This is how genuine website addresses are supposed to be: “registered domain name immediately followed by the TLD without anything else between the two”.

So, if something is sandwiched between the two – like, for example, https://example.123.com/ – then it’s a clear indication that the website is a fake one.

3. Check Certificate Details: You can get an “in-depth view” of the SSL Certificate a website contains by clicking on the padlock icon available in the URL. By in-depth view, we mean details like the company name, its real-world address, and location, details which verify the fact that website or the business is a genuine one.

The details displayed in the certificate depends on the type of SSL Certificate purchased by the company.

DV (Domain Validated) SSL Certificates contain just the registered domain name.

OV (Organization Validated) SSL Certificates include limited company information like its name, state, and country in which it operates etc.,

EV (Extended Validation) SSL Certificates contain detailed company information and therefore is the most trusted (and secure) of all certificates. For this reason, they are given the special visual indicator: the green bar.

4. Trust Seals: Trust seals or secure site seals on the websites you visit – a badge given by the SSL Certificate providing CA – are another great sign that the website is a secure one. These signs are usually placed on the home, login or checkout pages offering a strong visual sign to the visitors that the website is a secure one. What’s more is the fact that these trust seals will display additional verified information when clicked upon by the visitors.

5. Other Signs: Here are some other signs you could look out for to check whether websites are genuine or not.

  • Check out Contact Us Section: Don’t forget to check out the Contact Us section. The more the information available on this page, the more confident will be the visitors. And any information concealed will obviously mean that the website owners have something to hide. So never transact with websites which have shady-looking Contact Us pages.
  • Uncorrected Obvious Misspelled Words: Sometimes you’ll come across obvious spelling mistakes like ‘bankkk’ instead of ‘bank’. This kind of unchecked mistakes usually means the websites are not genuine.
  • Online User Reviews: Find out what the online world has to say about the website you have doubts about. This too can offer some valuable insights regarding the website’s integrity.
  • Too Many Ads: Websites with too many ads through which you can hardly navigate yourself through obviously has dishonest intentions. Because websites which don’t care about user experience are ones that can hardly be trusted upon. So avoid these as well.

Conclusion:

Yes, we know the list is a long one. But we don’t mean to scare you. Just ensure you exercise some discretion while you are online by looking for signs we’ve listed in this blog. This should help you avoid dangers posed by fake, fraudulent or scam websites out there that are waiting to exploit your online gullibility.

Compare SSL Security Certificates

Posted in SSL

Be Sociable, Share!

Leave a Comment


 


* fields are mandatory