Prompt: Can you spot three fake websites and compare the three fake websites to three real websites, plus showcase what makes the fake websites fake?

During the early stages of the internet, it was extremely difficult to authenticate the legitimacy of websites. Though methods have been implemented to curb malicious links, they still persist. Below there are three examples of fake/malevolent websites.

Example one: Rather than provide an exact website, I’d like to display a common practice amongst fraudsters. Prepending, also known as typosquatting, bad actors purchase domain names that look similar to a legitimate website. The issue is so important, CompTIA has added it to their Security+ exam. When someone enters in a URL manually, they are prone to mistakes. Malicious actors exploit this. For example, a hacker may purchase the URL “ggoogle.com” or “gooogle.com”, which will take them to a seemingly authentic website. Once the victim lands on the page, there’s usually some form of credential harvesting.

Example two: Malicious individuals may not initially pounce on a victim. Instead, attackers may lull their potential victims into a false sense of security. Below, there is an example of a fake USPS website asking users to complete a survey, then asking for personal information to enter win an iPad, they also provide fake reviews. These fake reviews follow the principle of consensus within cyber social engineering, as there are “others” who can validate the claims of iPads.

(As you can see, no postal experience survey)

Example three: Another example of typosquatting, but with an added step. Some big banks and corporations can pay Certificate Authorities not only for certificates, but also an added tab where the HTTPS lock would be for further authentication.

Original link (https://safety4sea.com/netherlands-warn-about-fake-websites/)