A popular method used by phishers (scam artists who try to get you to reveal sensitive information like credit card numbers, bank account details, etc.) is to hire a web developer to build a fake web site that does the phisher’s dirty work for them. Because it’s relatively simple for a competent web developer to copy another web site, it’s easy to be fooled by a fake one. These fake sites are even more convincing when you see the name of your bank or some other online service somewhere in the URL (commonly known as the Internet address, or “web address”); but there are simple ways to spot a fake web site.

Common URL setups

All HTTP URLs (i.e. your basic web site) follow a common format:

http://domain.tld/

For example:

http://example.com/

The “domain” is the actual domain name (e.g. “example”) and the “tld”, or top level domain, is the “com” portion.

The actual domain and the tld (e.g. “.com”, “.net”, “.org”, etc.) are always the last part of the host name, that is, the part of the Internet address that comes directly before the first single forward slash (“/”) or question mark (“?”) following the “http://”.

It’s important to note that a domain can have sub-domains in front of the “domain.tld”, such as our own http://blog.stopsign.com/, but only the real domain owners are able to put their domain.tld in that position (directly before the first “/” or “?”) when building their web site.

Spotting a fake/scam web site

Spotting a fake URL is as simple as looking for the domain.tld (in the right place) in the URL. If your bank is Chase, then you would expect to see http://www.chase.com; but if you saw http://www.chase.com.example.com/ then you know that you’re not really on chase.com; you’re on example.com.

Examples of valid example.com URLs:

  • http://www.example.com/
  • http://example.com/
  • http://blog.example.com
  • http://www.example.com/blog/
  • http://www.example.com?string

Examples of invalid example.com URLs:

  • http://www.example.fakeurlgoeshere.com/
  • http://example.fakeurlgoeshere.com/
  • http://www.example.com.fakeurlgoeshere.com?string

Did you see how all of the valid URLs have “example.com” before the first single forward slash and/or the first question mark? That’s the key to knowing what is real and what is a scam.
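The check described above, written out as a small Python script so you can see exactly what “domain.tld in the right place” means to a program. This is an added example, not code from the original post or from StopSign; the function names, the expected domain “example.com”, and the sample URLs (taken from the lists above plus one constructed look-alike) are assumptions for illustration. Rather than splitting the string by hand at the first “/” or “?”, it lets Python’s URL parser pull out the host name, which also copes with a port number or a trailing dot in the host.

```python
"""Check whether a URL really belongs to the domain you expect.

The rule from the post: the real domain.tld must be the last part of the
host name, i.e. the text directly before the first "/" or "?" after the
"http://". Anything after that point (paths, query strings) cannot change
which site you are on, and anything in front of it is only a sub-domain.
"""
from urllib.parse import urlsplit


def site_host(url):
    """Return the lower-cased host name of a URL ("" if it has none).

    A scheme is added when missing so that "www.example.com/login" is not
    mistaken for a path-only URL by the parser.
    """
    if "://" not in url:
        url = "http://" + url
    host = urlsplit(url).hostname or ""
    # Normalise: case does not matter in host names, and a trailing dot
    # ("example.com.") names the same site.
    return host.lower().rstrip(".")


def is_on_domain(url, expected_domain):
    """True if the URL's host is expected_domain or a sub-domain of it.

    "www.example.com" and "blog.example.com" pass for "example.com";
    "www.example.com.fakeurlgoeshere.com" does not, because the host
    does not *end with* ".example.com".
    """
    host = site_host(url)
    expected = expected_domain.lower().strip(".")
    return host == expected or host.endswith("." + expected)


def classify(urls, expected_domain):
    """Return {url: True/False} for a batch of URLs against one domain."""
    return {u: is_on_domain(u, expected_domain) for u in urls}


# Constructed sample input: the valid and invalid lists from the post,
# plus one extra look-alike where the real domain is hidden behind a port.
VALID_URLS = [
    "http://www.example.com/",
    "http://example.com/",
    "http://blog.example.com",
    "http://www.example.com/blog/",
    "http://www.example.com?string",
]
INVALID_URLS = [
    "http://www.example.fakeurlgoeshere.com/",
    "http://example.fakeurlgoeshere.com/",
    "http://www.example.com.fakeurlgoeshere.com?string",
    "http://example.com.fakeurlgoeshere.com:8080/login",  # constructed
]

if __name__ == "__main__":
    for url, ok in classify(VALID_URLS + INVALID_URLS, "example.com").items():
        print(("REAL  " if ok else "FAKE  ") + url + "  (host: " + site_host(url) + ")")
```

Note that the function is only as good as the domain you feed it: you have to know in advance that your bank is “chase.com” (not “chase-online.com” or some other look-alike registered by somebody else), which is exactly the knowledge the post asks you to bring to the URL bar.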