Online and mobile banking is becoming the new normal for consumers on-the-go. Managing accounts virtually empowers individuals to gain better visibility into their finances anywhere, anytime, with just a few clicks. However, linking your financial account to the correct and legitimate website can sometimes be tricky.

Cybercriminals frequently replicate valid websites to con unsuspecting consumers into either opening malicious links on their page that flood their device with malware, or divulging personal information, which they can use to wipe out your account or steal your identity. While these sites may appear similar to legitimate sites, there are a few red flags you can identify to determine the validity of your financial institution’s website.

The anatomy of a URL
The first thing you can do when visiting a new website is examine the address bar. The beginning of the URL should be “https://” – the “s” stands for secure, which indicates that the website transfers data with an encryption and is better protected from cyberattacks. While a website that does not start with “https://” is not necessarily fake, you might want to avoid entering any personal information until you validate its legitimacy.

Certain browsers also communicate how secure a website is by showing a small padlock next to the URL, highlighting the address in green, or showing the domain name to the left of the address – these mean the website has a high level of encryption and can be trusted. However, if you see “not secure” next to the URL, your browser is indicating the site cannot be trusted. To learn more about the website’s security, click on the padlock or “not secure.”

Research, research, research
Certain fraudulent websites are triggered to unleash malware onto your device upon visiting the site. To avoid this, it is imperative to do your due diligence before visiting your financial institution’s website for the first time. Look up reviews or ask friends or family who may have used the same website. Even if you have already visited the site and set up an online account without issue, always double-check that you are navigating to the proper address and domain name – cybercriminals will often change these in hopes you will not notice.

Check its age
If you know that your financial institution originated 30 years ago, but its website is only a few weeks old, it is likely fraudulent. Hackers predict times consumers will be more active online – such as the holidays – and create a fake website around that time. Utilize the Whois Domain tracker to discover who a domain name is registered to, their location, and how long the website has been in business.

See a mistake, it’s a fake
A common tell-tale sign of a phony website is errors. Copy riddled with spelling, punctuation, and grammar mistakes can mean the site went up quickly and whoever made it did not check for these, or the creator lives in another country and is not familiar with certain dialects. Legitimate organizations take pride in presenting work that is thorough and accurate. An occasional typo is not necessarily cause for alarm; however, frequent mistakes or odd phrasing is a red flag.

Go with your gut
If you see a deal that is too good to be true, it probably is. Cybercriminals like to lure consumers into their websites with false claims of unbeatable interest rates or cash back. By the time you realize it is a sham, it may be too late. Always call the financial institution directly at its published number and ask about special offers to determine their validity.

Be proactive
Nearly anyone can be fooled online these days. Ensure you’re protected in case it happens to you by utilizing a password manager or a credit monitoring service. These will keep your personal information safe and notify you if they become compromised. Read our article on building a strong password as the first line of defense against hackers.

Fraudulent websites are created to deceive and swindle you into handing over your personal information, but by knowing which identifiers to look out for, you’re one step closer to beating hackers at their own game.

Visit our website to learn how we can help keep you safe online.