What You Need to Know About Website Spoofing

  • January 5, 2023
  • Financial Partners Security Team

WATCH OUT FOR FAKE WEBSITES

Many legitimate companies, including financial institutions, are targeted by fraudsters who attempt to trick consumers into providing their personal information. A common fraud scheme is to create a fake website or web page that looks just like a legitimate company's site so they can steal your information, including your username and password. It's called website spoofing, and here's how it works.

What is Website Spoofing example diagram

Fraudsters will make a copy of a web page or site from a legitimate company and set up a domain name (URL) that looks close to the original company (for example, a legitimate URL is ABC.com, fake URL is ABO.com). They drive traffic to the fake site by sending out a phishing email or buying digital advertising from search engine providers like Google or Yahoo. Paid advertisements receive preferential placement, so these fraudulent websites are displayed at the top of the search results and make it appear the fake site is a legitimate company. Once they trick someone into visiting the fraudulent site, they attempt to collect your username, email, and password so they can use your information to get into your account.

Protect Yourself. Experienced fraudsters will copy a website that looks just like the original; sometimes, it’s just a picture or screenshot of the original site. If you look closely and pay attention to some details, you’ll be ready to spot a fake website in no time.

  • Avoid using Search Engines to search for your Financial Institutions (the Search Bar). Scammers will try to trick you by placing ads in the search results to make you think their fake site is legitimate. If you type a partial name into the search bar, there’s a chance that a malicious page will come up instead.

    TIP: Type FPCU.ORG directly into the address bar and log in to Digital Banking directly from the homepage.
     
  • Check the URL – Look for missing or extra letters. For example, FPCU.ORG is the legitimate Financial Partners website, not FPCU.COM. If you see something that looks like Financial Partners but has a .com or anything except .org – be extra cautious!

    TIP: Always type the URL directly into the address bar.
     
  • Confirm the URL – Make sure the URL is what you typed and that you weren’t redirected. Look for strange characters or extra numbers.
     
  • Examine the Page – Check the page for misspellings and typos. Hover over hyperlinks. Often, fake websites appear to be the original, but if you look hard enough, you’ll typically find some errors!

    TIP: Do not click on hyperlinks if you have doubts about a page. Hovering over the hyperlink will show you where the live link leads.
     
  • Be Wary of Links – Whether you get a link in an email or find it through a search engine – be cautious of links! They could appear to be legitimate but take you to a fake site.

    TIP: Don’t click on links unless you absolutely trust the source.

 

Keeping your money and information safe is important to us! To learn more about how we protect you, please visit fpcu.org/security-center. If you believe you have been a victim of a fraudulent website, please report this immediately by calling 800.950.7328 or submitting the information online.