Fraud Tip of the Day November Tips November 3 - US Government site or phony phishing scam?
Fraud Tip of the Day - November 3
US Government site or phony phishing scam?
Several phishing scams depend on you thinking you're on an official US Government website. How can you tell if it's the real deal?
Phishing scams are devious plans designed to trick you into handing crooks your personal and financial information. Once they have what they need you can become a victim of identity theft or find that your bank account has been emptied. No one wants that!
So how do these people continue to fool people despite constant reports about it in the media? One problem is that people often can't tell a real website from a forgery despite obvious clues that are right there in front of them. Think of how much trouble one could cause by impersonating a US Government website.
Do you realize how easy it is to duplicate a website? There are tools out there that allow someone grab themselves a copy and upload it to their own server. It will look EXACTLY like the original site. Why shouldn't it? It's a perfect copy. Phishing scams do this all the time and find that it works very well at tricking people into giving them what they need. Being able to tell the difference between the real website and the duplicate is your biggest weapon. Failure to spot any one of several subtle clues could result in big problems down the road.
How to tell if you're on the right website:
- Look at the URL - Is the domain in your web browser's address bar what expected? Does it at least end in .gov? If it's an IP address like http://209.200.73.89 you should be wary. On second though just leave. IP addresses are one of the biggest giveways that you're on a phony website. Sometimes the domain is close, but not quite what it should be. Look carefully. If in doubt, leave and search for what you need from a site you know is real.
- Check for SSL Certificates - Most government sites have SSL certificates and use them to encrypt information sent to them via web forms. You should see a lock icon somewhere on your screen. It's usually near the top or at the very bottom of the browser window. Clicking on it will give you information such as the website's address, if the connection is encrypted and whether the certificate is current or has expired. Forms on the web don't always use encryption but sensitive information such as your Social Security number or driver's license and banking or financial data should always be encrypted.
More Phishing Scam Information
Avoid Phishing ScamsBetter Business Bureau Warns of Fake Email Phishing Attack
Spear Phishing
Phishing schemes getting sneakier
