Uncategorized

Journal Entry #6

Posted by ldunk001 on

Can you spot three fake websites and compare the three fake websites
to three real websites, plus showcase what makes the fake websites
fake?

Many cyberattacks focus on deceiving human judgment to trick victims into providing sensitive information in a fake application. A lot of times, this is in the form of a fake website. The top ways we can spot a fake website is as follows: 

Check the domain name closely. Typosquatting is a common cybercrime that involves attackers registering/controlling a domain that mimics a legitimate domain, but with a misspelled domain name. Take the website Google.com for example. This is the official website of Google and their search engine. An individual trying to access Google may misspell the url as www.gooogle.com , with an additional “o” in the domain. Attackers could register the gooogle.com domain to mimic the Google search engine and attempt to fake a sign on screen to steal a victim’s Google account. Ensure that when accessing a legitimate website that you correctly type in the url correctly with the correct top level domain name. 

Check for the padlock symbol next the url in your browser. In most common web browsers, such as Google or Firefox, next to the URL bar will show a padlock icon. This icon refers to the type of protocol used. The padlock icon indicates that the website uses HTTPS and without the icon indicates that the website uses HTTP. HTTP is the oldest web protocol that sends data in clear text with no encryption implemented. Not only making you a target for a MiTM attack on your own network, but also symbolizes that the website is poorly configured.  While around 99% of websites most individuals use are HTTPS, if you encounter an HTTP website, this will be a big red flag and individuals should navigate very carefully. 

Check for any grammar or design issues. Typically, fake websites are poorly written and contain many grammatical errors or design errors. Attackers don’t tend to take a lot of time or effort in designing a fake landing page. If you see a webpage with obvious errors, be more skeptical on what the website you are connecting to. 

How are you accessing the URL? I liked to add this part because sometimes context will also help expose fake websites. If you get a sketchy email with a weird looking link, most of the time the website is fraudulent. Clicking unknown links from unknown individuals may make you prone to more fake websites and malicious activities. 

Leave a Reply

Your email address will not be published. Required fields are marked *