Phishing is a term used to refer to a deceptive tactic where a trusted website is impersonated in order to collect users’ personal information. Over the past year, phishing has become common in the cryptocurrency space as inexperienced users have flooded in. But – never fear – it’s easy to identify phishing scams and avoid falling victim to their trap.
Back to Basics
To really be safe on the Internet you need to understand at least a little bit about how it works. For starters, the application you’re reading this on – the program that started when you tapped or clicked the button to open the Internet connection – it’s called a browser. It lets you ‘browse’ through the pages of the Internet – easy, right?
There are lots of browsers out there – Google Chrome, Mozilla Firefox, Apple’s Safari, or even Microsoft’s Edge browser if you’re really in a pinch. The recent distributed project Brave is our personal favorite, of course.
New on the Scene: Brave
If you’re looking for a new browser, the Brave team have really outdone themselves with this one. Optimized for the decentralized web, Brave comes preloaded with compatibility for the Basic Access Token, and they’ve worked hard to make sure security is a top priority. More on Brave here.
Don’t Get Lost
It may help to think of the Internet kind of like a book, where the browser lets you interact with one page at a time. A recent ABC News report found that there are nearly 5 billion pages on the internet, so as you can imagine it would be pretty pointless to give them each a 10 digit number. Instead, each page has a name – google.com, amazon.com, blockchain.wtf, you get the idea. In any browser, you can always see the page you’re currently visiting in the Address Bar at the top of the screen. In Google Chrome, this will look like the image below:
The address shown (‘https://blockchain.wtf’ above) is the name of the page you’re viewing. The internet is pretty big, so these are called Universal Resource Locators, or URLs for short. URLs can be very complicated, but luckily we only need to pay attention to a few key things.
How to identify phishing sites
Remember, all you need to know is that the information is coming from where you think it’s coming from.
The Domain Name
The Domain Name (shown in orange above) tells you the name of the website you’re visiting. Keep in mind that the domain name includes both the word “google” and the “.co.uk” above.
One common phishing scams tactic is to purchase domain names with alternative and unusual endings such as ‘.biz’ or ‘.to’, which makes it important to always check that the full domain name matches the website you’re expecting to see.
Another common phishing technique is to purchase domains such as ‘unitedairlinesdiscounts.com’. These can sometimes be harder to identify, but it’s usually safe to assume that any major corporation will use their primary URL. In the United Airlines example, there’s no reason why United would want to purchase a different domain for this opportunity, so we know that we probably shouldn’t trust anything on that page.
The Wikipedia article on URLs has much more in depth information if you’re interested in learning more!
That Little Green Lock
In the last example you might have noticed that there’s a little green lock symbol in the address bar. This means that the website has a valid HTTPS certificate. There’s a lot of complicated technology at play, but essentially this means that the website is who it says it is – kind of like a passport or driver’s license with a photo.
The important thing to remember here is that if a website does not have a green lock icon, it is possible that the URL displayed in the address bar is not actually the website you are talking to. Be careful.
If you do find a website that you think might be untrustworthy for any of the reasons above, there are a few ways to see if you’re right.
The easiest way to check anything on the internet is usually google. Try searching the URL, or some keywords from the website along with the words ‘scam’ or ‘fraud.’
If nothing comes up, you’re probably safe, but always be sure to employ extra protection where financial services are related.
Extra Security For Financial Services
When it comes to your money, you can never be too safe. If you’re looking for tips on how to keep your cryptocurrencies safe, you might want to check out our Wallets section for some tips and tricks.