The Anatomy of a Phishing Website

The image below is taken from a Phishing website aimed at Natwest bank customers. The same techniques used on this fake website apply to almost all other Phishing websites...

	The Address Type (HTTP Vs. HTTPS)
	All web addresses start with either HTTP or HTTPS. The S signifies that the website is using a secure connection. If you have clicked a link that is claiming to be from a financial organisation, where you are asked for personal information never supply the details unless the address type is HTTPS. Remeber though, the Phishing gangs can also use HTTPS security so this is only one part of the address your should check...
	The URL or Web Address
	In this case the web address is: http://www9.nwolb.co.uk.sec74.net/.... Now, to begin with we can see that is isn't using HTTPS so the data we send is not secured. That is our first warning sign. Next we can see the actual web address starts off looking like it is legitimate, www9.nwolb.co.uk - this is a correct address. But... what comes next means that we are not actually reading a page from there, it is simply a sub-domain of the sec74.net website which is where we are actaully sending our personal information to if we enter it here!
	Asking for your cash card number
	Your bank will never ask you for your cash card number or your cash card PIN number. If the website asks for this do not supply it.

• Part 3: Phishing Email Check List
  A simple list of tips to help you spot a fake or Phishing email. Read Part 3 >>


• Part 4: How ClearMyMail can help protect your email
  ClearMyMail offer total protection for your email. Blocking all spam and phishing emails before they reach your computer. Read Part 4 >>

For more information on Phishing emails please select the option above, or for more details on the ClearMyMail Guaranteed Spam Blocker please select one of the options below.

Share or Bookmark this page:

Featured In