Search This Blog

Thursday, 17 November 2016

Being a victim of a scam is never a pleasant experience.

I have investigated numerous fake, fraudulent  or phishing websites, and they usually have a number of common traits to look for. Here are some easy steps on how to determine if a website is a fake, fraud, or scam:
  1. The Domain Name – A lot of fraudulent websites will use a domain name similar to a brand name. I have seen fake sites related to MTN, Aliexpress, Calvin Klein, Nike, Buffalo, and more. These domain names might be www.nikesuperdiscounts or www.buffalocollection or www.salomonshop (these are not real sites, but examples). If a company has a trademark on their name, their website usually matches the company name.
  2. No Contact Information – If the website does not have a contact us page, or it if does and it only offers a form to fill out, this is a strong indicator of fraud. Any company offering products or services, should have a place of business (location) as well as a phone number and email to contact them. If none of this information is available, then they likely just want your credit card info. Here is an example I found from a fake website that does not have any contact details.Contact Page without contact details
  3. Check the Grammar and Spelling – If the fake website is attempting to present itself as an American or Canadian business, they will usually use English text. However, there will quite often be horrible grammar and spelling mistakes on the website. Many of these mistakes would be obvious to a native speaker of English; excessive use of poor grammar and spelling should be an instant red flag.
  4. Check the WHOIS – Do a domain WHOIS lookup to see who owns the domain. The result will tell you the registrar (company that the domain was purchased through), when it was created, when it expires as well as contact details. Although the fraudulent website did not tell me their contact details on the website; using the Webnames WHOIS lookup, I was able to confirm that the domain was owned by a company in China, not the running shoe company located in the U.S. Another key observation to look for is how long the domain has existed. If it has been active for less than a year, then it is most likely a scam website. In the case of my example below, this fake site was setup less than four days ago and I was directed to it through a Facebook ad two days ago.WHOIS Domain Result
  5. Test the Contact Information – If the website does list contact information, call, write or email the site, using their contact details, to check if it works. If you get an automatic voice messaging system, the number is not in service, or no one answers during business hours, then exercise caution.
  6. Check if the Login, Create Account, and Payment Pages are Secure – Many fake or fraudulent sites will not bother to buy an SSL (Secure Sockets Layer) certificate. SSL certificates secure the transfer of your data when you submit sensitive information (creating an account, or submitting payment info) and cost money. A scam site, quite often, won’t bother with an SSL certificate, as the site will likely be shutdown within a couple months after the fraud has been reported. If the website is legitimate and secure, like Webnames, they will have HTTPS on the URL and a lock is safe and secure
  7. Check the Shipping and Return Policy – If the website is selling a product over the internet, they will have a shipping and return policy listed on their site. If it is a real company, they should tell you how and where to return a defective product. If they are shipping a product, they should give you an idea how long it will take to arrive. If they have no return address and a vague shipping policy, do not shop at that website.
  8. Check the Domain Name in Google – If you type the domain name into Google, if it is a real site, there should be links to that website from other websites. If only the domain comes up and no other search result appears for that domain name, then it is very suspicious.
  9. Check Other People’s Reviews – Type the website’s domain name, followed by “reviews”, into a search engine. Ideally, you will discover search results for other people’s experiences in dealing with the website. If there are many negative negative customer reviews, then you will most likely want to avoid the site altogether.
Being a victim of a scam is never a pleasant experience. Follow these simple guidelines to protect yourself online and create the best possible shopping experience. If the site you’re viewing feels suspicious, take a moment to research and investigate it before making a purchasing decision.

No comments:

Post a Comment