Article by NortonLifeLock APAC Senior Manager, Mark Gorrie.
What is site spoofing?
Have you ever visited the website of a well-established brand, but something just didn’t seem right? Maybe the user interface seemed outdated or the grammar was incorrect? Maybe it wasn’t the brand’s website at all. Instead, you may have visited a spoofed website.
Website spoofing, also known as domain spoofing, occurs when a scammer creates a fraudulent website in an attempt to steal from its visitors. It starts with registering a domain name almost identical to the intended landing page. Some of these web hijackers are so sophisticated that they can accurately mimic the user interface of a legitimate website. But even crudely constructed scams can cost unwitting visitors dearly.
Once the scammer has gained a person’s trust, they will attempt to steal personal information, such as usernames and passwords, or attempt to trick a user into downloading malware onto their computer .
How does website spoofing work?
Registering a domain name requires little effort and little oversight. There are some barriers to prevent near-identical domains from being created, but scammers are smart enough to find workarounds. If they can disguise their website identity as something else, their mission is almost done.
After a person has fallen in love with a spoofed website, they will likely continue their normal behavior without a second thought. This may include entering their username and password or entering their credit card information, which is exactly what the scammer is hoping for.
It may seem like business as usual for the user, but the website saves all the information entered. The scammer then uses the login credentials to access legitimate websites or any other websites using the same username and password. Or they store credit and other financial information to use on a shopping spree.
Another danger of spoofed websites is that they can be programmed to drop malware onto the victim’s computer. This is potentially more devastating as they could access all the information saved on that device.
How to Spot and Protect Against a Spoofed Website
Experienced impersonators will often try to copy a website’s graphic design as closely as possible. But a trained eye will be better able to discern right from wrong by knowing a few key details.
1. Look at the URL
The most common tactic among website spoofers is to create a URL almost identical to a legitimate website. The URL can only be offset by one letter, even when using the number “1” instead of a lowercase “l”. People can easily navigate to the spoofed page by mistakenly typing the wrong key or just looking at the URL before clicking on it.
To avoid this, use bookmarks for frequently visited pages. Since random links won’t be clicked, it’s convenient to bookmark regularly visited websites. This speeds up the process of visiting the page while reducing the risk of human error typing it in by hand.
Also, when visiting a page that is not already bookmarked, manually search for the URL. This avoids the risk of a malicious link planting a virus on the device. Make sure the URL is spelled correctly; otherwise, you will not reach the intended page.
2. Avoid clicking on mysterious links
Cybercriminals’ tactics keep getting better. The best way to evade a malicious link is to avoid clicking on it entirely. Instead, manually enter the domain name into a browser to increase the likelihood of reaching the legitimate destination.
Links and attachments in emails should be treated with the same caution. And it’s a good idea to send spoofed emails directly to the spam folder to reduce the risk of opening one accidentally.
3. Find an SSL certificate
A Secure Sockets Layer (SSL) is an additional level of security for every visitor to a website. This is an encrypted link that protects sensitive information from being shared without consent. It is usually represented by a padlock or a green icon next to the URL. Of course, an SSL does not guarantee that a website is legitimate, but it is strong evidence in its favor.
4. Make sure the domain matches the SSL certificate
Since a third party is producing the SSL for the website, double check the certificate by comparing it to the URL. Click on the SSL icon to validate its security. If it was sent to a website different from the domain in the URL, something fishy is going on and it should not be trusted.
To avoid scams such as website spoofing, it is advisable to clean your devices periodically and use a reputable security suite on all your devices. Even with responsible use of the Internet, scammers can slip through defenses, so it’s a good idea to rely on a competent Internet security program to compensate for gaps in user practice. For example, it can block malware before it can be downloaded to the device or trigger an alarm signal if the user visits a dangerous website.
Every little extra effort goes a long way towards making you a tough target.
Article by NortonLifeLock APAC Senior Manager, Mark Gorrie.