Fraud Awareness: How To Spot A Fake Website

Cyber Security

Fraudsters often set up websites that look real but are in fact fake. The site might have branding that is almost identical to a company you know. The fraudster might even have gone to the trouble of setting up sophisticated features such as a ‘live chat’ that make it feel genuine.

Fake website checklist: what to look for

The aim of these websites might be to get you to make a payment for goods that don’t exist, or to infect your computer with a virus designed to steal passwords or other personal information. To do that, they need to earn your trust – so the fraudsters work hard to make these sites seem legitimate. But there are usually some giveaways that a site is fake. Some signs to look out for include:

  • bargain prices on high value items or incredible returns on investments – especially if they’re using language designed to hurry you
  • asking you to pay by bank transfer instead of credit card, debit card or trusted third party payment provider (e.g. PayPal)
  • a domain name (also called the URL or website address) that doesn’t look quite right – check closely as it might look very similar to a real one or include a trusted big brand name
  • no website security on payment pages – if there’s no padlock symbol or ‘https’ in the URL (website address bar), your data won’t be sent securely
  • very little company information on the ‘About us’ or ‘Contact us’ pages
  • no returns policy, privacy policy or other terms and conditions
  • poor quality photography, graphics or page layout
  • spelling and grammar mistakes

How to check if a website is secure

Check for the ‘closed padlock’ symbol and/or https at the start of a website address. Neither of these guarantee the website is legitimate or reputable, but they do mean your connection to the website is secure, so any information you enter will be encrypted.

If the padlock or https are not there, or the browser says ‘not secure’, don’t use the site.

What to do if you suspect fraud

If you’ve seen something that doesn’t feel right, STOP!

  • break the contact – don’t click on any links or make any payments
  • check if it’s genuine: compare the domain name (web address) with one you know to be real
  • look at reviews from several online review sites, for example Trustpilot, Feefo or Sitejabber
  • report it to the National Cyber Security Centre (NCSC)

What to do if you’ve already responded to the website

Don’t panic! What you do next depends on whether you’ve clicked a link, sent information or made a payment. Take a look at our advice on what to do if you’ve been a victim of fraud.

Cyber Security Useful Resources

Do you know your TikTok from your Snapchat? Whether you’re a teacher, social worker or...