What are criminal websites?

Dodgy websites come in many shapes and sizes, including:

•Phishing sites that try to steal your identity.

•Fraudulent online shops.

•Tempting sites that contain viruses or spyware.

•Sites that (unexpectedly) contain illegal or pirated content.

•Sites that promote worthless investments or get-rich-quick schemes.

It is very easy to clone a real website and criminals can use virus-infected computers to host a dodgy website so it costs them nothing to put it up. It doesn’t take a skilled developer long to produce a very professional-looking site.

How to spot a fake website

We recommend that you install the latest version of your web browser. Internet Explorer 7 and Firefox 2 both have sophisticated filters that can detect most fake websites.

Here are some other clues that might give away a fake:

•Use your instincts and commonsense. If it smells bad, it's probably rotten.

•Look for evidence of a real-world presence: an address, a phone number, an email contact. If in doubt, send an email, make a phone call or write a letter to establish whether they really exist.

•The website's address is different from what you are used to, perhaps there are extra characters or words in it or it uses a completely different name or no name at all, just numbers.

•Right-clicking on a hyperlink and selecting "Properties" should reveal a link's true destination – beware if this is different from what is displayed in the email.

•Even though you are asked to enter private information there is NO padlock in the browser window or "https://" at the beginning of the web address to signify that it is using a secure link and that the site is what it says it is.

•A request for personal information such as user name, password or other security details IN FULL, when you are normally only asked for SOME of them.

•Although rare, it is possible for your computer to be corrupted by viruses in such a way that you can type a legitimate website address into your browser and still end up at a fake site.  This problem is known as 'pharming'.  Check the address in your browser's address bar after you arrive at a website to make sure it matches the address you typed.  Subtle changes ('eebay' instead of 'ebay' for example) may indicate that your computer is a victim of a pharming attack.

Avoid dodgy sites

•Avoid sites that hype investments, whether in shares or alleged rarities like old wine, whisky or property. Do your homework and always get professional advice before making investment decisions.

•Be wary of sites that promise easy profits. If it looks too good to be true, it probably is. Be particularly sceptical of schemes that involve the recruitment of others, receiving money for other people or advance payments.

•Do a web search to see if anyone has had any problems with a suspicious-looking website.

•Don't judge a website by its appearance. It is easy to create flashy, professional-looking sites and it is easy to steal other people’s web pages and designs.

•Be wary of websites that are advertised in unsolicited emails from strangers.

Other ways to protect yourself

•Never click on a link embedded in an email. Always enter the real address yourself by typing it into the web brower.
•Consider using a spam email filter that will detect and block many fraudulent emails.
•Be wary of hoax emails and advance fee fraud emails.
•This kind of fraud also takes place over the telephone and in person. Be wary of social engineering in any form .
•Don't give out personal information unless you initiated the contact and you are sure you know who you're dealing with.
•If in doubt contact the bank or website owner direct by telephone or email before proceeding.