Wednesday 3 May 2017

WARNING: Fake Bank Websites Targeting British Savers

bank account

Hundreds of fake websites that appear to be owned by major high street banks have been discovered online, raising fears that fraudsters are targeting UK savers.

Researchers found as many as 324 sites that look like they are run by respected brands including Natwest, HSBC and Barclays, but are in fact owned by individuals.

Internet security firm Domain Tools found web addresses including hsbc-direct.com, barclaya.net, barclays-supports.com and lloydstsbs.com are all owned by third parties rather than the banks themselves.

In total, Domain Tools unearthed 110 fake HSBC sites, 74 for each Barclays and Standard Chartered, 66 for Natwest and 22 for Lloyds.

The fake addresses are often misspellings of official sites or versions of web addresses not registered by the companies. Cyber criminals use the appearance of real domains to lure victims.

Fraudsters have been known to use such fake domains to trick unsuspecting customers into handing over personal information when they visit the site directly by mistake or via scam emails.

Once visitors have reached the sites they can be encouraged to hand over details such as their name, address and password, or financial details, believing that the websites are legitimate. Cyber criminals can also download malicious software onto visitors' devices and earn advertising revenue.

In separate research, Domain Tools recently found scammers peddling fake Starbucks vouchers on the unofficial website starbucks.com-latte.us. Such a trick could be used to encourage users to give the scammers access to their social media profiles or hand over sensitive information.

Other affected brands include British Airways, Marlboro Cigarettes and Krispy Kreme.

The findings come despite warnings that cyber criminals use fake website addresses to dupe customers, leading to concerns that financial institutions aren't doing enough to protect them.

"Brands can and should start monitoring for such domain name registrations," said Kyle Wilhoit, senior security researcher at Domain Tools. "It is much better to own your own typo domains than to leave them available to someone else."

Wilhoit added that customers should exercise care when typing web addresses and inspect them before visiting.

"Many will simply add a letter to a brand name, while others will add additional letters on either side of a brand name," he said.

The proliferation of new domains, such as .london, has exacerbated the problem, and the number of legally disputed addresses increased 10pc to a record high of 3,036 last year.

How to protect yourself

To prevent yourself from being tricked by fake website scammers, Domain Tools advises users to do the following:

  • Check for extra letters in the domain, such as Yahooo.com

  • Check for dashes in the domain, such as HSBC-direct.com

  • Look out for 'rn' disguised as "m", such as modem.com versus modern.com
  • Check for reversed letters, such as HBSC.com

  • Watch out for plural and singular versions of the domain, such as barclay.com rather than barclays.com

SHARE THIS

Author:

Etiam at libero iaculis, mollis justo non, blandit augue. Vestibulum sit amet sodales est, a lacinia ex. Suspendisse vel enim sagittis, volutpat sem eget, condimentum sem.

0 comments: