Website spoofing (or website scams) involves making a malicious website look like a legitimate one. The spoofed site will look like the login page for a website you frequent, down to the branding, user interface, and even a spoofed domain name that looks the same at first glance. Cybercriminals use these websites to capture your username and password or drop malware onto your computer. This is potentially more devastating because they could gain access to any information you save on that device. A scam site will generally be used in conjunction with a phishing email, in which the email will link to the website.
Registering a domain name requires little effort and has little oversight. There are some barriers in place to prevent near-identical domains from being created, but scammers are clever enough to find workarounds.
After a person has fallen for a spoofed website, they will likely carry on with their normal behaviour without a second thought. This could include typing in their username and password or entering in banking information, which is exactly what the scammer is hoping for.
Even though you think it’s business as usual, the website is saving whatever information you enter. The scammer can then use your login information to gain access to the legitimate website, or any other website that uses the same username and password.
Web spoofers follow similar tactics and make common mistakes in their attempts to fool their victims. That makes it possible to identify them for what they are. Here are a few tips.
|wpl_user_preference||sainthelenabank.com||WP GDPR Cookie Consent Preferences||1 year||HTTP|
|_ga||sainthelenabank.com||Google Universal Analytics long-time unique user tracking identifier.||2 years||HTTP|
|_gid||sainthelenabank.com||Google Universal Analytics short-time unique user tracking identifier.||1 days||HTTP|
|_wpfuuid||sainthelenabank.com||Online Forms||11 years||---|