How to spot a spoofing or phishing website
How to spot a spoofing or phishing website
Online access to bank accounts has made banking much easier. What once took the better part of the day to visit the bank now only takes a couple of minutes as you can easily view your account balance, transfer money, and pay bills in one sitting.
But these conveniences come with risks of being defrauded by scams. Spoofing and phishing is an act where fraudsters use a disguised website, trusted device or even correspondence designed to trick you into giving out private information that can be used to take your hard-earned money from your account or even worse use your identity to commit fraud.
That’s why internet security literacy is important for all online banking users, and this includes spotting the following signs of a spoofing or phishing website and messages.
Emails redirecting to a fake page
This is one of the more common types of phishing scams. You receive an email that appears to be from your local bank saying they detected an anomaly or a discrepancy in your account and had it shut down. It then tells you to click on a link on the email and log into your account to activate it once again.
This tactic plays on your worry, pushing you to follow the instructions quickly instead of checking the red flags. This type of scam is designed to gain access to your account password and use it to access your bank account.
To spot these fake emails, check for:
- The email address (legitimate companies and trusted institutions will often have their own private domains, instead of the usual Gmail or Yahoo public emails)
- The greeting in the email (“Dear Valued Customer” rather than addressing you by name)
- Faulty grammar, awkward wording, and punctuations
- Comes with a link or button redirecting you to a fake website
The best thing to do when you see an email like this is to ignore it or report it to your bank. Never give out sensitive information to these websites. Never click on links and buttons as this may download malware or virus into your device.
Wrong website URL
If you are redirected to a website that claims to be the login page for your bank, check the URL. If the domain name does not specifically indicate the website URL of your bank, then it’s not legitimate.
For example, Metrobank’s online banking portal is “onlinebanking.metrobank.com.ph/signin” If it looks something like “metrobank.com.ph.login.security” or “banklogin.metrobank.com.ph,” then these are spoofing sites pretending to be legitimate in order to trick you into giving your account access details.
To be safe, always keep the official bank website address and manually type it whenever you start your online banking session. When in doubt, use the mobile app instead of using your browser to access your account. You can check the legitimacy of the app on Google Play Store and Apple App Store.
Install anti-virus software
Having an updated anti-virus software that comes with internet protection can safeguard you against phishing and spoofing sites. It can detect if a website is trying to spoof or replicate a legitimate website, blocking or warning you against entering it regardless of your browser.
So, when your software pings a website as a potential scam, trust that it’s there to keep you safe and protect you from a spoofing website.
While online banking has made it more convenient for users to access their money, the digital risks are still there. It’s important to be vigilant and protect your account from potential hackers and thieves by knowing how to spot a website designed to trick you into providing your information. If you’ve spotted any signs of fraud, visit our Fraud Prevention page and report the incident.
Open a Metrobank Savings Account today to keep your hard-earned money safe and secure.
