StatusCake

The 5 easiest ways to spot a fake website in seconds

Let me start by telling you a story about someone that couldn’t spot a fake website. I was speaking to my best friend two days ago, catching up over some now-allowed outside brunch when she dropped an absolute clanger on me. The conversation went like this – 

“So Dave got scammed last week.”

“What do you mean he got scammed last week?”

“He went on the Daily Mirror website and there was this advert for an investment opportunity, basically a “make money quick” scheme so he registered with them online then called them up and they asked him for a one-off payment of £250 and his credit card details.”

“Did he give them his details?!”

“Yes! It was the Daily Mirror, of course he gave them his details.”

I know what you’re thinking – we can now guess it’s not the Daily Mirror but bear with me.

“Then £250 was taken from his account and over the course of the next few days, more and more money was taken off of his credit card that he couldn’t account for. So he called them up and the number was no longer valid…”

“So did you check out the website again?” 

I know what you’re thinking – we can now guess it’s not the Daily Mirror website but bear with me.

“Yes! And it was an exact replica of the real Daily Mirror website – its appearance was exactly the same; everything looked legit!”

And there lies the problem – fake websites DO look legit. So how does my best friend’s husband and all of you out there now checking your credit card statements for fishy Daily Mirror transactions spot a fake website? By checking for these 5 things:

1) The URL

We spend so much time online these days that we rarely take much notice of the URL structure of a website that we visit. When was the last time you really sat there and looked at a URL to see if it was exactly what it should be? More importantly, do you know exactly what it should be? 

Take the StatusCake website URL as an example:

One single letter in this URL signifies a secure website – the “s” after HTTP. Always check websites that you’re going to give personal information to have “HTTPS” and not just “HTTP” so you know it has security measures in place to protect your data. 

But that’s not all you should be looking out for when spotting a dodgy URL. 

It might sound strange but fake websites like to use numbers in their URL structure. 

For example – http://www.lovebakery44.com 

Vs. the real URL which would be – https://www.lovebakery.com 

Subtle differences that you may not notice but could be the difference between you having an experience like Dave, and being safe on the internet. 

2) Check the payment methods they accept 

Trustworthy websites use the logos of Visa, MasterCard, PayPal, and so on to show that they use secure methods of payment. Always check for these before adding any of your card details or bank details onto a website. The logos of these trusted payment companies can usually be found in the header or the footer of a website or on the checkout page.

If the website doesn’t show any of the recognisable payment methods that you’re used to, then be sure to check on their actual website. For example, if you’ve never heard of “Klarna”, do some investigating of your own by researching and if they are legit, they will have details of their own security methods of processing your payments and their encryptions. 

3) Is the website professional?

Nothing screams fake website more than a 1999 template that has bold headers followed by random chunks of text, all unaligned, all full of spelling errors, and a mobile number as the contact. 

Dave found the Daily Mirror website harder to spot as fake because the scammers made it look exactly like a recognisable brand. But there are some tell-tale signs, even on these ones.

For example, sometimes these websites will use the wrong font when trying to replicate the original brand. 

For example:

Vs.

StatusCake

Subtle but a clear sign of a fake website. Same goes for logos that have been copied, just not very well. Ah, the power of content.

4) Check if they’re a registered company

Companies tend to put their registered company and address on their website. It’s most likely to be displayed in the footer of the homepage or on the terms and conditions page. 

For example, ours sits on our terms and conditions page – 

TrafficCake Limited is a company registered in England and Wales (Company No. 08250233) and whose registered address is Third Floor, 12 East Passage, London, EC1A 7LP.

If you can’t find the company’s registered details on their website, or you’re suspicious of the details that they’ve provided, always check with your country’s registered companies database. These are readily available to you online and take just a few seconds to show you if a company is legally registered or not. 

5) Read the terms and conditions

Fake websites tend to get those of us that just click “yes” to cookie policies, to privacy policies, and unfortunately, to terms and conditions. Some of them don’t even have terms and conditions. 

The one clear way to spot a fake website is by signing up for a service that gives you no terms and conditions to agree to. Why? Because they’re not planning on providing you with that service or the deal they’re offering you really is far too good to be true.

In this day and age, it’s very difficult to spend 15 minutes of our time reading through tedious legal jargon on a terms and conditions page, only to see that yes, everything is a-ok. But, what if it wasn’t? If Dave had spent time looking for terms and conditions, he might have thought twice about giving the fake Daily Mirror his credit card details and saved himself a whole heap of mess. 

Ultimately, fake websites will always somehow find a loophole to nab people, even if you follow every rule in the book. But if you take note of these top 5 ways of spotting a fake website, you’re far less likely to become Dave. 

SSL certificates are a sure-fire way of making sure a website is safe and checking for that trusty “padlock” on the URL bar. Combine that with Google rankings, online reviews that have both positive and negative reviews, their social media accounts, and a well-presented website and it’s likely that where you’ve landed is safe. If you’re ever in doubt, don’t put your personal information into any forms or pop-ups, especially if it says DailyMirror44.co.uk. Oh, Dave. 

P.S Dave got his money back after cancelling his credit card. Hooray for Lloyds.

Share this

More from StatusCake

json-coding
Engineering

The ultimate guide to working with JSON

7 min read Are you a developer? Are you working with JSON or thinking to? You’re going to need this tutorial guide to walk you through everything you need to know about JSON so you can be a pro in no time!

Engineering

Design Systems – A Storybook & React Tutorial

6 min read In this tutorial, I’ll be using one of the most popular frontend tools for building a design system – Storybook. This works really well with React, so I’ll be setting up a React project with an example component and showing you how to integrate Storybook within that.

short-reads

Why you should be using a VPN when working from home

2 min read Are you using a VPN whilst you work from home? No? Well, you should definitely get reading this over your tea break; internet safety has never been so important and this is one thing that is quick, easy and effective to use!

clock measuring uptime
short-reads

The 8 questions people always ask about uptime monitoring

5 min read We get asked questions about uptime monitoring all the time, and we know that Google does too. So we’ve compiled the top 8 questions that are consistently asked so you can get all of your uptime answers, all in one place!