Home > Empowering Tips > How To Spot Fake Websites & Protect Yourself

In today’s digital age, the convenience of online shopping, banking, and accessing information with just a few clicks has transformed our lives. From buying your favourite products online to handling financial transactions from the comfort of your home, the internet offers unparalleled ease and efficiency. However, along with this convenience comes a significant risk: the growing threat of fake websites. These deceptive sites are designed to look legitimate but aim to steal your personal information, financial details, or even your hard-earned money.

To safeguard yourself, it’s essential to understand how these sites operate and know how to protect against them. In this article, we’ll break down common examples of fake websites and provide practical tips to help you stay safe online.

Examples of Fake Websites

Understanding the types of fake websites can help you recognize them more easily. Here are some common examples:

1. Fake Online Shopping Platforms

Since the COVID-19 pandemic, many people turned to online shopping, leading to a surge in fake e-commerce websites. These fake sites often copy legitimate information — such as the design, logo, product images, and even customer reviews — from real websites to deceive users. They may alter small details like the website URL, company name, or contact information to make the site appear authentic at first glance. This tactic can easily mislead customers into believing they are on a legitimate site, especially if they are in a hurry or not paying close attention.

Red Flags: Suspicious URL variations, unbelievable discounts, lack of HTTPS, poor contact information, and copied content.

2. Fake LHDN (Inland Revenue Board) Website

In 2020, Malaysians were targeted by a fake website that mimicked the Inland Revenue Board (LHDN) website. The fraudulent site aimed to steal taxpayers’ information by directing them to log in with their personal details. The LHDN quickly issued a public warning and urged Malaysians to be cautious of such phishing attempts, advising them to only access the LHDN portal through the official hasil.gov.my website.

Red Flags: URLs with slight misspellings, lack of HTTPS, urgent requests for personal information, and unverified contact details.

3. Fake Bank Websites

In 2024, news reports have highlighted a rise in fake bank websites designed to deceive users and steal their financial information. These fraudulent sites closely mimic the appearance of legitimate banking institutions, using similar URLs and branding to create a convincing imitation. Scammers often distribute phishing emails or messages that direct users to these fake sites, where they are prompted to enter their login credentials or other sensitive data. Once users input their information, it is captured by the scammers and used for unauthorized access to their bank accounts.

Red Flags: Slightly altered URLs, phishing emails, lack of HTTPS, and unusual login requests.

4. Fake Government Assistance Programs

During periods of economic hardship, like the Movement Control Order (MCO) during the COVID-19 pandemic, fake websites emerged claiming to offer government assistance. These websites tricked users into providing personal information under the guise of registering for financial aid. The Malaysian Communications and Multimedia Commission (MCMC) and other authorities took steps to block these fake websites and issued public advisories to warn citizens. Despite these efforts, many people had already been scammed, showing the importance of verifying the legitimacy of such sites before providing personal information.

Red Flags: Misleading domain names, lack of SSL encryption, unverified contact information, and requests for sensitive personal or financial details.

5. Fake Job Offer Websites

Scammers create fake job offer websites to exploit job seekers, particularly those looking for part-time or online work. These sites often promise attractive positions with flexible hours or high pay but lack a legitimate hiring process. They may request personal information or upfront fees for supposed background checks or administrative costs. Job seekers might be drawn in by the promise of easy income or work-from-home opportunities, only to discover that the offers are fraudulent.

Red Flags: Unusual hiring practices, such as asking for payment upfront, offering high salaries for minimal work, or requesting sensitive information.

6. Fake Airline Ticketing Websites

With the rise of online travel bookings, fake airline ticketing websites have also appeared. These websites mimic legitimate airline ticketing platforms, offering tickets at significantly discounted rates. They may use URLs and designs similar to well-known airlines to deceive users into making purchases that result in non-existent tickets.

Red Flags: URLs that closely resemble official airlines but with minor changes, unrealistic discounts, lack of HTTPS, and poor website design.

Tips to Protect Against Fake Websites

Protecting yourself from fake websites requires vigilance and knowledge of common online scams. Here are some tips, along with examples, to help you stay safe:

1. Verify the URL

Always check the website’s URL for accuracy. Ensure that it matches the official site of the company or service you are interacting with. Look for subtle changes or misspellings that might indicate a fake site.

Example: If you want to visit the official website of a bank, for example, “www.mybank.com,” but you receive a link to “www.my-bank.com” or “www.mybanksite.com,” these variations could indicate a fraudulent site. Take the time to manually type in the URL or use a trusted bookmark.

2. Look for HTTPS and Security Indicators

Ensure the site uses HTTPS, indicated by a padlock icon in the address bar. This shows that the connection is secure. Avoid entering any personal information on sites that lack this security feature.

Example: While shopping online, you come across a site offering huge discounts. However, the URL starts with “http://” instead of “https://,” and there’s no padlock icon. This lack of security is a red flag that the site may be unsafe.

3. Research the Website

Before making a purchase or entering personal information, research the website. Look for reviews, complaints, and any history of fraud. Use tools like WHOIS to check the domain’s registration details.

Example: You find a new online store offering the latest gadgets at unbeatable prices. A quick search reveals multiple negative reviews and warnings from other users about non-delivery of goods. This research can save you from falling victim to a scam.

4. Be Cautious of Unbelievable Deals

If an offer seems too good to be true, it probably is. Scammers often use unbelievable deals to lure victims. Cross-check prices with reputable websites and be sceptical of extreme discounts.

Example: An online store advertises a high-end smartphone at a fraction of its usual cost. After comparing prices with established retailers, you notice the massive discrepancy, which is a strong indicator that the deal is a scam.

5. Use Trusted Payment Methods

Opt for secure payment methods like credit cards or well-known payment services such as PayPal. These methods offer better protection and the ability to dispute charges in case of fraud.

Example: A fake website asks you to pay for an item using a wire transfer or cryptocurrency, methods that are difficult to trace and offer little recourse if something goes wrong. Stick to credit cards or payment services that offer buyer protection.

6. Avoid Downloading Untrusted Apps

Be cautious if a website requires you to download an app to complete a purchase. In early 2024, security researchers uncovered a series of malicious payment apps designed to steal users’ financial information. These apps, which were not available on major app stores like Google Play Store or Apple App Store, requested access to sensitive information and led to unauthorized transactions once installed.

Example: A website offers exclusive deals but insists you must download a special app to make a purchase. Upon downloading, you find the app is not available on reputable app stores and may request excessive permissions. This is a red flag that the app could be malicious, designed to steal your personal information or infect your device with malware.

Conclusion

Fake websites are a serious threat, but by staying vigilant and following these guidelines, you can significantly reduce your risk of falling victim to online scams. Always trust your instincts — if something feels off, it’s better to leave the site and verify its authenticity through other means.

Your online safety is paramount, so take the time to ensure the websites you visit are legitimate.