By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    Malware Reigned Supreme In 2012
    12 months ago
    BEWARE THE THINGBOT!
    12 months ago
    Is your PC a part of botnet? Check it!
    12 months ago
    Latest News
    Beware of scammers! Dangerous apps in the App Store
    8 hours ago
    How To Limit Login Attempts on WordPress (+ Should You?)
    1 day ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (September 18, 2023 to September 24, 2023)
    1 day ago
    Two privilege escalation vulnerability in Simple Membership Plugin
    2 days ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    The creator of malware has infected her own computer
    12 months ago
    Windows 11 build 25163 out with new Taskbar Overflow feature
    12 months ago
    How to fix Microsoft Store not working on Windows 11
    12 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    8 months ago
    Now you can speed up any video in your browser
    8 months ago
    How to restore access to a file after EFS or view it on another computer?
    8 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    9 months ago
  • How To
    How ToShow More
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    11 hours ago
    Privacy-preserving measurement and machine learning
    Privacy-preserving measurement and machine learning
    11 hours ago
    Encrypted Client Hello – the last puzzle piece to privacy
    Encrypted Client Hello – the last puzzle piece to privacy
    11 hours ago
    Reminder: Enable two-factor authentication wherever you have it. This business
    14 hours ago
    ​​Know exactly when your data is transferred to GoogleIn a world where our data is permanent
    14 hours ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    VK Messenger update
    9 months ago
    How to block a website in iOS?
    9 months ago
    How to post photos to Instagram from a computer?
    12 months ago
    Latest News
    How to enable extensions for Google Bard AI
    9 hours ago
    Window 11 Copilot: 10 Best tips and tricks
    16 hours ago
    How to create AI images with Cocreator on Paint for Windows 11
    2 days ago
    How to install September 2023 update with 23H2 features for Windows 11
    3 days ago
  • Glossary
  • My Bookmarks
Reading: How to spot online scammers
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
How To

How to spot online scammers

Tom Grant
Last updated: 13 October
Tom Grant 12 months ago
Share
8 Min Read

We’ve already covered the most obvious signs that someone is trying to scam you online. But it’s not always easy to spot a scam at first glance. So, before you transfer money or enter card details, it’s worth spending a bit more time and effort on checking e-mails and websites. To help, we’ve compiled eight tips to help you do just that.

Contents
1. Check the e-mail address2. Examine the links in the e-mail3. Take a look at the site’s security certificate4. Check who registered the domain and when5. Check the site content6. Bookmark important sites7. Be extra careful with payments and money transfers8. Rely on professionals

1. Check the e-mail address

Before clicking on a link in an e-mail or replying, take a closer look at the letter’s From field. It consists of two parts: one for the sender’s name, one (more importantly) for the actual e-mail address. The sender’s name can be anything, which scammers often exploit by using the name of the company they’re pretending to represent.

But replacing the real e-mail address (the bit with the @ sign) is much harder, so this is where attackers can slip up. In most scam e-mails, the sender’s real address will either have nothing to do with the company being impersonated, or look similar to the real one, but not identical — with one or more characters replaced (for example, the letter “O” with the number “0”), an extra word, etc.

Spotted a typo or inconsistency? Or the sender’s address is utter gibberish? Do not reply or click any links in it, but send it to the Spam folder straight away.

2. Examine the links in the e-mail

If the message contains hyperlinks or buttons like “Get a discount”, “Claim your free gift”, “Read more”, or any other obvious call to action, always check what’s behind it.

If you hover the mouse cursor over the link or button (taking care not to click by mistake), you will see the actual address of the web resource the senders want you to visit. Find the official website of the company in a search engine and compare the URL with the link in the e-mail. If the addresses do not coincide, for example, the link has a different domain (say .org or some .xyz instead of .com), do not open the page.

Always check what actually is behind a button or a link

Always check what actually is behind a button or a link

While you’re at it, go to the official website from the search results and see if it mentions the discount/gift/promotion the suspicious e-mail is telling you about. If it doesn’t, it’s likely a scam.

3. Take a look at the site’s security certificate

Some characters are so similar that the naked eye is easily deceived. Therefore, we suggest another quick way to check who owns the site — after you’ve gone there. Let’s consider the example of Google Chrome (in other browsers the names of menu items may differ slightly).

  • Click the padlock to the left of the URL.
  • In the window that appears, select Connection is secure.
  • Click Certificate is valid.
  • Make sure the Issued to field contains the name of the company that owns the site.

How to check a site's SSL certificate

How to check a site’s SSL certificate

The padlock indicates the site is certified by an independent organization and data to and from it is encrypted. We just saw the certificate confirming this. It’s fairly easy to obtain such a certificate, but not, fortunately, in another company’s name. So if the name of the company or organization appears in the certificate, it can usually be trusted (just make sure the name is correct).

What if there’s no padlock? This means that data sent to and from the site is not protected and can be intercepted not only by the site owners, but by third parties also, so entering confidential information there is definitely a bad idea.

4. Check who registered the domain and when

You can view additional information about the site domain using the Whois service. It provides data on all current IP addresses and domain names. Type the URL you want to check into the relevant field and see when the domain was registered and by whom.

Difference in Whois between corporate and private domains

Difference in Whois between corporate and private domains

The domain registration date is shown in the “Registered On” line. If a site claims to be the official resource of a reputable company with a long history, yet Whois says it’s only a couple of months old, you’re dealing with scammers.

It’s also worth looking at who the domain is registered to. The owner’s contact information can be found in the “Registrant Contact” section. If the company is a serious player, at the very least its name will be shown there, and often also its address, phone number and other details.

If the site purports to belong to a large company, but Whois displays “Private Person” in the owner field, the resource is untrustworthy. Sure, it’s generally fine for a domain to be registered by an individual, but if the site claims to be part of a huge corporation, it’s nothing if not suspicious.

5. Check the site content

Study the site in more detail: if it consists of just one or two pages, it’s very likely to be fake. Cybercriminals use such cheap and easy sites to tout fake Burning man tickets, dupe cryptoinvestors or give away PlayStation 5 consoles. Official corporate sites always have lots of sections with useful information: news, company history, products and services, partners, etc.

6. Bookmark important sites

Add all sites you frequently visit to your bookmarks and open them only from there — that way you eliminate the risk of accidentally opening a fake page. It’s especially important to do this for sites that you enter personal data on, be it social networks, online banks, crypto exchanges or e-mail clients. You can bookmark a site by clicking on the star icon to the right of the address bar.

7. Be extra careful with payments and money transfers

Sure, there’s no need to study a site in such detail if you’re going there just to read an article or watch a video. But if you’re planning to enter payment details, you should do so every time. Does the website address look strange? Does the page contain typos or odd design elements? Does the page have a proper SSL certificate (see above)? Enter your details only if everything is in order.

8. Rely on professionals

Even the most vigilant users sometimes make mistakes. But there’s good news: website verification can be automated by using a reliable solution with spam, phishing and online fraud protection. This will detect and block any threats in real time.


Source: kaspersky.com

Translate this article

TAGGED: Chrome, Phishing, PoC, SASE, Security, Split tunneling, Stack overflow, Threat, Threats, Tips
Tom Grant October 13, 2022 October 7, 2022
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Cloudflare now uses post-quantum cryptography to talk to your origin server
Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps 11 hours ago
Privacy-preserving measurement and machine learning
Privacy-preserving measurement and machine learning
Apps 11 hours ago
Encrypted Client Hello – the last puzzle piece to privacy
Encrypted Client Hello – the last puzzle piece to privacy
Apps 11 hours ago
Beware of scammers! Dangerous apps in the App Store
Threats 11 hours ago
How to enable extensions for Google Bard AI
News 12 hours ago

You Might Also Like

Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps

Cloudflare now uses post-quantum cryptography to talk to your origin server

11 hours ago
Privacy-preserving measurement and machine learning
Apps

Privacy-preserving measurement and machine learning

11 hours ago
Encrypted Client Hello – the last puzzle piece to privacy
Apps

Encrypted Client Hello – the last puzzle piece to privacy

11 hours ago
Threats

Beware of scammers! Dangerous apps in the App Store

11 hours ago
Show More

Related stories

How to upgrade to Windows 11 23H2 with Installation Assistant
How to install September 2023 update with 23H2 features for Windows 11
Critical Vulnerability in Forminator Plugin
How to get the latest Windows 11 innovations
How to blur image background in Photos for Windows 11
How to download official Windows 11 23H2 ISO file
Previous Next

10 New Stories

Reminder: Enable two-factor authentication wherever you have it. This business
​​Know exactly when your data is transferred to GoogleIn a world where our data is permanent
​​Fake correspondence with the iPhone interfaceIn a world where digital communication is
​​Let's find out who is watching your Instagram stories from a fake Have you ever wondered
Window 11 Copilot: 10 Best tips and tricks
How To Limit Login Attempts on WordPress (+ Should You?)
Previous Next
Hot News
Cloudflare now uses post-quantum cryptography to talk to your origin server
Privacy-preserving measurement and machine learning
Encrypted Client Hello – the last puzzle piece to privacy
Beware of scammers! Dangerous apps in the App Store
How to enable extensions for Google Bard AI
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?