A phishing website is a replica of a legitimate website created by a fraudster to trick users into entering personal information. The fake website may look almost identical to the real site and have a similar web address. The goal of the fake website is to steal account or login information. Users can protect themselves from phishing websites by being cautious when entering personal information online and by looking for signs that a website may be fake such as a mismatched URL, extra characters in the URL or spelling errors. When in doubt, don’t click.
What are some examples of fake website phishing scams?
Some examples of fake website phishing scams include (note: these are just some examples):
- Banking or financial institution phishing: attackers create a replica of a financial institution’s website and then send out emails or messages asking users to log in to the fake site and enter their personal and financial information.
- Payment gateway phishing: attackers create a fake website that looks like a legitimate online payment site and ask users to enter their credit card details to make a payment.
- Social media phishing: attackers create a replica of a social media website and ask users to log in with their credentials. Once the user enters their login information, the attacker can take control of their account.
- Email phishing: attackers send out an email that appears to be from a legitimate source, such as a bank or a government agency, and ask the recipient to click on a link that takes them to a fake website.
- Tech support phishing: attackers create a fake website that looks like a legitimate tech support site and ask users to enter their personal information or remote access to their computer.
- Charity Phishing: attackers create a fake website that looks like a legitimate charity website and ask users to donate money.
The best way to protect yourself from these scams is to be cautious when entering personal information online and to look for signs that a website may be fake.
What does Charter Oak do to prevent fake website phishing scams?
We have implemented several measures to prevent fake website phishing scams:
- Two-factor authentication: We recommend members setup two-factor authentication, which requires members to enter a one-time code sent to their phone or email in addition to their login credentials. This makes it much more difficult for attackers to access a user’s account even if they have obtained their login information.
- URL and domain monitoring: We use state-of-the-art technology to constantly scrape the internet to identify and shut down fake websites attempting to look like us. This is a measure that can be proactive or reactive depending on the situation. If a fake website is still active, domain monitoring does not prevent criminals from getting your information if you enter it. Always check the domain, if you’re unsure call our contact center.
- Security software: We use security software to scan our website and identify any vulnerabilities that could be exploited by attackers.
- Regularly updating the security measures: We regularly update our security measures to keep up with the latest phishing techniques.
It’s important to note that, even with these measures in place, phishing scams can still be successful.
What should I do if I am suspicious of a fake website phishing scam?
If you suspect that you have come across a fake website phishing scam, there are several steps you can take to protect yourself:
- DO NOT enter any personal or financial information: legitimate institutions will not send texts or emails requiring you to click on a link to change your password or ask for sensitive information.
- Change your password: if you think you may have provided your login credentials to a scammer, change your passwords immediately. Use complex passwords that you can remember but no one should be able to guess.
- Enable Two-Factor Authentication: this technology requires two-factor verification for each login and prevents scammers that obtain your login credentials from being able to access your account.
- Monitor your accounts and turn on transaction alerts: alerts can be set up for risky type transactions where your money will leave the financial institution. Check your balances, transaction details and statements for any unauthorized transactions, and report them immediately.
- Verify the website’s authenticity: check the web address of the website and ensure that it is the official website.
- Report the scam: if you believe that you have been a victim of a phishing scam, report it to the appropriate authorities.
It’s important to be vigilant when online and to be aware of the potential risks of phishing scams. By being mindful of these risks, you can help protect yourself and your personal and financial information.
What can I do to prevent being a victim of a fake website phishing scam?
Here are several steps you can take to prevent being a victim of a fake website phishing scam:
- Be cautious when clicking on links: Do not click on links in emails or text messages from unknown sources or that look suspicious. Instead, hover over the link to see the URL and verify that it is legitimate.
- Keep your computer and mobile device updated: Regularly update your operating system, browser, and other software to ensure that you have the latest security updates and patches.
- Use anti-virus and anti-malware software: Use anti-virus and anti-malware software to protect your computer and mobile device from malware and other threats.
- Be wary of unsolicited phone calls or messages: Be wary of unsolicited phone calls or messages, even if they appear to be from a legitimate organization. Scammers often use social engineering tactics to trick people into providing personal or financial information.
- Use Two-Factor Authentication: Using Two-Factor Authentication will provide an extra layer of security to your accounts, making it harder for scammers to gain access.
- Be skeptical of free offers: Be skeptical of free offers, such as free trials, that require you to provide personal or financial information.
- Educate yourself: Stay informed about the latest phishing scams and learn how to recognize them.
- Be cautious with public Wi-Fi: Avoid accessing sensitive information on public Wi-Fi. Scammers often set up fake Wi-Fi networks to steal personal information.
By following these steps, you can reduce your risk of falling victim to a phishing scam and protect yourself and your personal and financial information. Remember that scammers are always coming up with new ways to trick people, and it’s important to stay vigilant and stay informed.