National KE-CIRT/CC Cybersecurity Best Practice Guide of the Week




In This Issue:

*        How to identify fake websites












The internet is full of websites that are either fake, fraudulent or a scam. If you’re not careful while using the internet you can end up getting scammed out of your money, or worse, your identity.



*         Browse the website: take a couple of minutes to double-check the site. Check that the website lists any contact information. Reputable and legitimate companies will always list ways to get in touch with them.

*         Double-check the domain name: a lot of fraudulent websites will use a domain name that references a well-known brand or product name. But won't be the official website. You should also be cautious of domains that end in .net or .org, as they are rarely used for online shopping so may have been acquired by questionable organizations.

*         Look for the HTTPS: Legitimate websites have to have the HTTPS protocol, which is reflected in their web address, as opposed to just http://, where the ‘s’ stands for secure.

*         Trust marks: just because a website appears to carry the logo of a reputable trade organization, it still doesn’t necessarily mean the website is genuine. If you’re in doubt, you could always contact the trust-mark company to check.

*         Check for ads: If a website has too many ads and popups, it’s likely a scam.

*         Check return policy:  If the company is selling a product online, it should have a shipping and returns policy listed on its website. If it’s a real company, it should tell you how and where to return a faulty it.

Have the above security tips in mind as you interact with the Internet. Report any cybercrime incident/activity to /