Fake Web sites: Don't buy into the lie
Page | 1 | 2 | 3 |

10 ways to spot a fake
You're Internet-savvy. You know the Nigerian who professes to be Donald Trump-rich doesn't really plan to split a fortune with you. And you know you didn't win the Spanish lottery. But separating real Web sites from fakes takes a little bit more Net knowledge than simply ignoring what is obviously sucker e-mail.

Fake Web sites Here are a few tips from the experts, including C.J. Fearnley, LinuxForce's chief technology officer and computer security expert.

10 ways to spot a fake 1. Look for locks. 2. Cancel the clicks. 3. Report the rip-off. 4. Sidestep the scam. 5. Start a search. 6. Look at the link. 7. Hover for honesty. 8. Make sure it's not a mistake. 9. Examine for errors. 10. Stay smart.

1. Look for locks.
Check the Web address before entering personal information. You should see two things: "https" at the beginning of the URL and a closed lock symbol at the end or, alternately, at the bottom of the page, depending on your browser. Their presence indicates that the site is secure. Beware if one or the other is missing.

2. Cancel the clicks.
Don't click on e-mail links asking for information. Banks, eBay, PayPal, credit card companies, airlines and reputable businesses don't operate like that.

3. Report the rip-off.
Expose the full message header -- that's the Internet routing information -- on suspicious e-mails and send them to the company that's being spoofed. The full header is needed to trace the e-mail. Find the correct place to send the message on the company's Web site. (Sometimes addressing it to abuse@thecompany'sname.com will work.) How to locate the header? It depends on your mail program. Look for a tab in the toolbar.

4. Sidestep the scam.
Bookmark the companies where you do business. If you have your bank, credit card and other frequently visited sites as your favorites, you can navigate your way to them by simply clicking on the bookmarks (or favorites) tab.

5. Start a search.
If you want to go somewhere that's not bookmarked, try running a search on a major search engine such as Google to find the real site.

6. Look at the link.
Although major search engines should dig up the legitimate site, you still need to use caution. Fearnley says, "Exercise some critical thinking." In other words, don't do anything without making sure you're in the right place. Here's how:

Make sure you're in the right place

1. If you click around the Web site, does your URL bar (the site address at the top of your browser) take you to a different IP, or Internet Protocol, address? If so, run. 2. Check out the security certificate, and make sure it's valid and up-to-date. If a certificate is expired or can't be validated, get out. 3. Open a new tab or browser and run a Google search. Does the page you're looking at pop up? It should.

7. Hover for honesty.
By hovering over a link, you can see its origin near the bottom of your screen. If it's supposed to be eBay and you see an IP address (a series of numbers) in front of the word "eBay," then you've got a phony page.

8. Make sure it's not a mistake.
Even if you manually enter the URL into your browser, one slip of the finger could send you to a look-alike or mirror Web site, not the one you intended. Double-check to make sure you typed the site address correctly.

9. Examine for errors.
Burke says to look for misspellings and grammatical errors on phony Web sites. Your banker knows "mortgage" has only one "e."

10. Stay smart.
Not being an easy target is your best defense against rip-offs.

Fearnley says crooks are capable of duplicating Web sites down to the tiniest detail. "Don't be fooled -- they can hide 'gotchas' (traps) on the page," he says.

Be suspicious, and you can lessen the chance that you're being taken for a ride. Oh -- and that e-mail from your bank? There's one surefire way to avoid being scammed. Look up the bank's phone number yourself and call them. It works every time.