Reghan Winkler: Spotting fake websites, phishing scams

Cyber criminals will do anything to trick you into giving them access to your personal information, including the use of look-alike websites.

Fake websites are a critical part of the common phishing scam. A phishing scam is when you receive an official-looking email or text message masquerading as a large retailer, usually with links to phony websites that resemble legitimate ones. These websites attempt to trick you into giving out sensitive information, such as credit card numbers or account passwords.

Although fake websites may seem like a common danger to internet users, many still have problems identifying them. Here are a few things you can do to recognize the risks and protect yourself.

· Check the domain name closely

Scammers use URLs that closely resemble websites you visit regularly. Often times text messages or emails contain URLs that have been altered slightly with letters, added words, and dashes in order to entice you to click on the link without thinking. Here are some examples of how scammer spoof website domain names. BankoffAmerica.com (adding an extra “f”), WaImart.com (using a capital “i” instead of a lowercase “L”) Amzaon.com (Switching the order of “a” and “z” ).

· Look for a padlock symbol

After checking the spelling of the URL, look for the padlock symbol in the address bar. This padlock symbol is the SSL certificate or “security certificate”. It indicates that the information you send to the site such as passwords or credit card numbers can’t be intercepted by hackers. You can click directly on the padlock and see additional information about the security certificate legitimacy such as the registered company name and location.

· Look for the flaws

Scammers don’t spend much time on the design aspect of their phony websites, they often include basic flaws and mistakes that legitimate companies wouldn’t miss. Look for poor spelling and grammar throughout the site. If an image or logo looks low quality or blurry, take it as a sign you are on a fake site. Other signs of a fake site are not having an “about us” section or having little or no contact information such as a physical address, phone number, or email.

· Read reviews and check BBB Scam Tracker

Scammers will post fake reviews on their websites, while real customers write warning signs about their experience. Check multiple review sites such as https://www.bbb.org, Google and other trusted sources for mentions of fraud, non-delivery or even identity theft. You can also go to https://www.bbb.org/scamtracker to look up potential scams by business names, websites, and emails.

· Read the shipping and return policy

Legitimate websites will include a detailed description of their shipping and return policies. If a website you’re on doesn’t explain how their items can be returned, it’s a scam. The websites should also include legal information, such as terms and conditions, privacy policies and data collecting policies. If you can’t find this information, it’s likely not a real company.

· Examine your payment options

Legitimate businesses payment options are more traditional and safer, including credit cards, PayPal, or buy now pay later options, such as Afterpay or Klarna. Anytime you are asked for payment by gift card, prepaid debit card, wire transfer, or cryptocurrency, it’s a scam!

Fake websites can be extremely similar to the real thing, so the next time you receive an email or text linking to a website, inspect it carefully using these tools to keep your information safe!

Reghan Winkler is executive director of the Better Business Bureau serving West Central Ohio. The BBB may be found on the Internet at bbb.org/us/oh/lima.