A phishing website can be created by an individual, a small group of people or even a criminal organization and they can use any type of fake company as a front. A phishing website is one that looks like a website for a legitimate business, but it has actually been created by someone with malicious intent.

These websites usually ask the visitor to put in their personal information such as credit card numbers and addresses, and then use that information to steal their identity or money.

How to Identify a Phishing Website

A phishing website will often ask for sensitive information up front.

A phishing website may ask for information such as your username, password, or credit card number, which are never requested by legitimate websites or financial institutions. If you see these kinds of requests on a website, it’s probably not safe to use your account credentials with them.

The phishing website is hosted on a suspicious domain name.

A phishing website will almost always be hosted on a domain that doesn’t belong to the company it’s pretending to be. This is especially true if a phishing website has been created recently. If you see that something looks fishy, check the domain name and make sure it’s not owned by someone else (or at least not owned by a legitimate company).

For example, if you enter a bank’s official URL and arrive at a page that looks like the real one but has an extra “s” in it (e.g., www.mybank-s.com), this is probably a phishing website.

The phishing website contains broken links.

If you see a page with a lot of broken links, it could be a phishing website. A phishing website is often set up with a fake version of the original website and will have many broken links to make it appear more realistic. If you see an error message that says something like “This page not found,” or “404 Error,” that’s a good indication that you are on a phishing website. A reputable company will make sure to fix any redirect errors on their website.

The phishing website will look suspicious or unprofessional.

A phishing website is usually designed and developed by fraudsters who do not care how professional their website looks because they just want to trick people into entering their sensitive information so they can steal money from them later on. So if you notice that the website’s design does not look professional or does not follow your bank’s usual design, then there would be no reason for you to trust it either.

Phishing websites typically don’t have an SSL certificate.

An SSL certificate is the little padlock icon in the browser bar that lets you know that your connection to the site is secure. If there’s no green padlock and SSL certificate on the URL, then it is not a secure connection and you should not trust your information with this website.

In short, it’s pretty easy to spot a phishing website if you know what you’re looking for. Are there spelling errors? Is the URL for the website a little odd-looking, perhaps misspelled? Does the site seem to be asking for information that, frankly, no legitimate website would ever need to have in order to do business with you? Is it strange that you aren’t prompted by your bank or your credit card provider or whatever site you’re supposedly on, but instead straight away asked to put in your personal information? If your instincts recognize any of these red flags, move on—it’s probably a phishing scam

Wanted: The Truth

Active Intel Investigations is here to help you with every aspect of your investigation, from conducting the investigation to preparing evidence to provide it in court.

Get started with your investigation, browse our video library for investigative resources, or schedule a no-obligation consultation with a licensed private investigator to discuss the specifics of your case.