Fraudsters have numerous methods for trying to get their hands on your cash. One which is becoming ever-more prevalent is the fake or cloned website.
These sites at first glance look like the real thing, and may even have a web address that is very similar to a well-known site, such as the one operated by your bank.
Five scams to steal your personal information
How cloning scams work
There are several types of websites that may be copied by fraudsters in their nefarious quest to steal your money. These include fake banks, financial advisers, and pension firms, fake government and tax websites, fake passport sites and fake ESTA sites (ESTA are the document required by tourists travelling to the USA), fake driving test sites, plus fake retailers, travel companies and online businesses pretending to be reputable companies such as Apple and ebay.
The criminals’ biggest challenge is getting people to click through to their fake sites, and they do this in one of two ways:
* Persuading victims to click on the link for a cloned site via an email message. This type of scam, known as phishing, normally involves you getting a message that appears to come from your bank or other company, for instance your pension provider or an organisation like Apple or Amazon that you regularly do business with.
The email might state, for example, that there has been unauthorised activity on your account and that you need to log into the company’s site – via a link in the message – to check everything is ok.
The link takes you to a site that looks genuine, but is in fact a front that allows the criminals to harvest your log-in and account details.
* Getting their cloned sites up the top of Google rankings. This can involve the fraudsters paying to ensure that their site appears at or near the top of Google’s rankings for certain searches. For example, recently, the police warned that a fake National Savings & Investments website had been set up in order to steal people’s money.
Signs an email may be a scam
Taking advantage of recent events
Often, criminals will use recent news events to make their approaches seem more convincing.
For example, in the wake of, say, a widely-reported online theft from or hack of a bank and its customers' details, you should be especially on your guard against the arrival of dodgy emails in your inbox, dressed up to look like the real thing from reputable organisations.
Scammers realise that, at times like this, people are more likely to believe a message that relates to fraud on their account.
Avoid falling victim
There are a number of precautions you can take to avoid this type of con. Firstly, be very sceptical of any message you receive from your bank or other financial company, and never use a link in an email to visit their site.
Instead, get the web address from existing correspondence such as your bank statements, and type it in yourself.
If you are searching for a government service online, the genuine web address should begin with https://www.gov.uk
And when you click through to a genuine site, you should also see a padlock symbol to the left-hand side of the address bar.
This applies to genuine retailers as well. When you reach their payment pages, if not before, the address should begin with ‘https’ and the padlock symbol should also be displayed.
If either of these things are missing, your money is at risk.
If you are worried about being duped by a cloned site or even a fake company, make sure you limit your purchases and other dealings to businesses that you know well.
What can I do if I am a victim of identity theft?