Scammers set up various types of websites for online fraud. These can range from haphazard, amateurish- looking sites, to professional-looking high quality websites. It can be difficult to spot whether a website is fake or not. Fraudulent sites come in many forms, and here are 10 ways to quickly see that a website might not be legitimate. Keep in mind that these tips are for fraudulent websites involved in 419 Advanced Fee Fraud, and not things like fake electronics selling sites.
10. The site is claiming to be a bank and has a login for online banking, and that login page is unsecured. If you are visiting an online banking login page, your web browser will show https and not just http if the page IS secure. You can check your own legitimate bank website, it will always be secured.
9. A supposedly professional company (such as a bank or courier) that has a mobile contact phone number. Scam UK websites notoriously use redirect numbers starting with +4470. You can check phone numbers here: http://www.numberingplans.com/?page=analysis&sub=phonenr
8. The registrant of the site doesn’t match the claimed location of the business. By running a simple ‘whois’ of an internet domain, you can see who registered the domain (the ‘registrant’). Say for example there was a shipping company site claiming to be in the UK, but the registrant was someone from Nigeria… This can be done with a tool such as this: http://www.whoismind.com
7. The registrant is using a privacy protection service. It is simple and easy for a web domain owner to have their details hidden in a whois lookup. However, legitimate professional businesses have absolutely no reason to hide the registration details for their website. Again, try it with your own bank’s website. They won’t be hiding their registrant.
6. The creation date of the site is very recent. A domain’s creation date can also be seen from a whois lookup. If a business is supposedly long-standing and legitimate, but their web domain wasn’t created until recently, it’s suspect.
5. The claimed copyright date on a site doesn’t match when it was actually created. Say the whois shows the domain was created recently, but the site is claiming copyright 2002… There’s a chance it’s not legitimate.
4. If there is login information visible in the source code of a website. This is most common in fake courier/shipping company sites. Most have a ‘tracking’ login page. Go to this page and right click and select “View Page Source”. If there is login information present, somewhere in all of that code you may find a large list of passwords. A legitimate business would never allow this.
3. A website is lacking in contact information. Most legitimate businesses will provide contact information such as a phone number, physical business address, and email(s). Fake sites often leave some or all of these out, and will regularly have a fill-in webform as their only means of contact.
2. A supposedly professional business website such as a bank or shipping company has a free email as their contact email. Most businesses such as these aren’t going to be using an @yahoo email for customer contact.
1. Something else doesn’t add up. Only US based banks are Member FDIC. If a bank website is claiming this, but isn’t US based, it’s likely fake. UK businesses will have company numbers, and sometimes the fake sites will display these as well. Search the claimed number and see if there is a real business using it (and if it’s the same as the website you’re looking at).
There can be exceptions to many of these, but they give a few things to look out for. The most common fake sites used in 419 fraud are fake banks and fake couriers. These sites often directly copy legitimate businesses. Search the business name to see if there is a separate real site that looks just like the fake. Search the domain name as well – it might be mentioned on an anti-fraud forum. Using common sense and looking over some of the above-mentioned points can keep you from being scammed by fake websites.