There are several steps you can take to spot a phishing email, but do you know how to spot a phishing website? If you’re tricked by the email into clicking a phishing link, you can still avoid getting tricked further by carrying out the following checks.
- Check the Address Bar
Ever noticed how some less desirable web pages disable your browser’s address bar? This is because having it there would help reveal the nature of the site. If an email opens a webpage that disables the browser’s address bar, it’s probably a deliberate attempt to conceal the fact that this is a hoax website. If there’s no address bar, click away.
- Check the URL
Even if there is an address bar, you should read it through to try and spot any signs of foul play. You should really do this before you click on a link, but phishing emails often trick people by making the link different from the anchor text (the highlighted text that describes the link). Once you’re on the website, check the URL matches the site you were supposed to navigate to. Make sure the URL is exactly the same as it would be for the legitimate site.
- Check for Trust Seals
If a site is legitimate, it will probably have a trust seal displayed prominently. These are simply small badges that act as a stamp of approval from third party companies – they’re there to show a site is trustworthy. If the page you’re taken to collects personal information, it should include some kind of trust seal. Check for one if you’re suspicious, and hover over it to find out more about the site.
- Check Your Browser Alerts
Every major browser includes an alert system. When you try to access a site that has shown suspicious or malicious behaviour, you will receive a warning letting you turn back. Many users have developed the habit of ignoring browser alerts, which is unfortunate since they can be the first sign you’re being taken to a phishing website. If a browser alert comes up when you open a link from an email, listen to it and navigate away.