Unfortunately, you won't always spot a phishing scam, or you might not be entirely sure if it's a phishing scam. You could end up on a malicious website without realizing. But what is a malicious site anyway?
A malicious site is a site that tricks you into giving away information or downloading a virus, or that contains code that finds and exploits security holes in your computer. If the site can find a security hole, then it can download a virus and install it without any action on your part.
Even a legitimate site can become malicious if hackers trick the ad network it uses to run infected ads. Click here to learn more about malicious ads and how to keep them off your business site.
If a hacker has done his job right, detecting a malicious site isn't easy. However, there are some things you can watch for.
Encryption
One popular type of malicious site is the fake banking site. Hackers will steal the code for a bank's home page, so it looks exactly like the real thing. However, if you try to log in, the site records your user name and password and automatically sends your account information straight to the hackers.I've said it before, but I'll say it again: Never ever click on a link in an email or text to go to your banking site. Always type in the address manually or use a bookmark that you know is legitimate.
However, to confirm you're in the right place, check the address bar of your browser. First, make sure the domain name is right. For example, Chase bank is "www.chase.com," not "www.chase-bank.com" or "www.chase.bk".
Second, any real banking site should start a secure connection right away. That means the address will start with "https://". Click here to learn more about website encryption. Most sites, however, don't load encryption right away, so this is a less useful test for a shopping site or informational site.
Presentation
Of course, not every site is going to be a high-quality clone of a real one. Hackers often put together a bunch of generic sites at once and thrown them online with whatever domain names they can get their hands on.So, you might end up at "www.amazingsuperawsomefreesoftware.com" and it looks like something from the '90s with terrible layout and misspellings all over the place. True, a lot of small software developers don't have a lot of money to sink into a nice website, but poor presentation should always give you pause.
Content
Outside of presentation, it's helpful to ask what the website trying to get you to do. Does it want you to download a program, take a survey, watch a video or give it information so it can send you money or a free prize? Any of these could be an attack.If the site is offering a specific piece of software, or a few of them, run the software names through Google to find the developer's website. A lot of hackers take free software, add in viruses and then put them up online at generic sites.
People searching for the software end up on the generic site and download the infected program thinking it's the real thing. Even some "legitimate" companies do this using toolbars and other third-party software instead of viruses. If you got a download that includes a toolbar and you can't get rid of it, click here for the solution.
When it comes to surveys, never take ones from sites you've found in an ad or email. They'll ask for too much information. Instead, find legitimate survey sites on a reputable site like mine.
Video scams are popular. You'll be told the video is the most shocking, heartwarming or sexiest thing you've ever seen. Wait, to watch it you need to download an update for your video player! Click here to see an example. Of course, that download is a virus in disguise. Only watch videos on known sites like YouTube or my video page.
Finally, a big draw for many people is free stuff. "Get a free iPad, car or trip to an exotic location!" You just need to enter every bit of personal information you have, and pay a small fee. Remember, if it sounds too good to be true ...
Avoid malicious sites entirely
As I said above, some malicious sites don't try to trick you, they attack you automatically through security holes in your browser. That's why you need to make sure your computer, browser and important software are always up to date.Adobe Flash, for example, has regularly serious security problems that open up your computer to attack. So, make sure it's updated and that you keep an eye on my Daily News for new developments.
Still, it's better if you don't land on a malicious site at all. That's why you need to learn how to spot phishing emails and dangerous online scams.
It's also a good idea to have a backup plan. Security software that detects malicious sites before they load is a good thing to have.