Five Part Series – Part II – Understanding Fake websites
One of the most common mistakes that I’ve seen when introducing someone to using the web for the first time, is that they’ll often mis-type the address of a web page. This was worse years ago when you had to type in the three letters “www” before every web address, but these days web browsers are intelligent enough to understand that “www.makeuseof.com” and “makeuseof.com” is the same thing.
In fact, in Chrome and many other web browsers, the URL address bar now doubles as a search box using whatever default search engine is set up in the browser settings. So when you type a single word like “fish” in the URL field, the browser recognizes that this isn’t a web address, so it’ll return search results for that word.
However, it’s still possible to mess up. Type in “gool.com” (a common error when people try to type “google.com” too fast, and you’ll see what I mean.
This is called a “cybersquatter” page. Pages like this are purchased and parked by people or businesses hoping to make a few cents from the unsuspecting people who mistype these website addresses. If you’re lucky it’ll just be a page filled with ads. If you’re not lucky, it could be owned by someone who created a fake page meant to look like the original. You’d find a number of these at web addresses with close spellings to websites like bankofamerica.com, or paypal.com, for example.
How do you know if the website you’ve visited is actually real and not some fake site? Look for the padlock. With most legitimate websites where your private data is at risk, like banking sites or online email services, you’ll find a padlock displayed in either the bottom status bar of the browser (typical with Firefox) or to the left of the URL location field (typical with Chrome).
This status should be displayed somewhere on the browser menu or on the browser status bar itself, not inside or on the web page itself. Typing in the actual URL of a website you want to visit is usually the safest way to access your accounts (rather than clicking on an email link) – so typing URLs is still your safest bet, but just be very careful about your spelling.
Another security measure you’ll find on a number of banking sites is something called a SiteKey. This was developed as a technique by banks to stop the sort of “fake website” hacking that was going on and particularly targeted bank accounts.
When you set up a SiteKey on your bank account, it isn’t just meant to be an annoying extra step in the login process. It’s meant so that you know you’re accessing your own account, because fake website owners would not be able to display the correct SiteKey image for your account, since every account would have a different SiteKey image.
Sourced from makeuseof.com