How to Spot a Phishing Website

Home Resources Fraud Prevention Phishing How to Spot a Phishing Website

Bellco is committed to ensuring your financial information remains safe and secure. We consistently monitor your accounts for possible fraudulent activities regardless if it’s a recognized incident.

We have security protocols in place that prevent our members from becoming victims of identity theft. Although no process is perfect at preventing fraud or identity theft, Bellco continues to strengthen our security measures with the latest updates and enhancements.

It’s important to remember that you are your own best defense in the fight against identity theft and fraud. We urge you to educate yourself on how to spot potential red flags on fraudulent phishing websites.

What to do if your information is compromised

If you think your password may have been captured by a scammer, you will need to update any login information for any website that used the old compromised password. Remember, always use separate passwords for each website!

Identity fraud happens when personal information is stolen and used for illegal activity, such as unauthorized purchases or withdrawals from your account. Click here to find out what you can do about identity fraud.

Next, keep an eye on your credit report and look for any unfamiliar accounts that may have been opened. Click here to learn more about credit fraud.

Quick Tips

While this list is not exhaustive, it’s a good start in protecting yourself.

This is one of the easiest ways to spot a phishing website. If a link is making you suspicious, make sure to check the website domain, hostname, or URL and ensure you recognize it. Furthermore, make sure the web address does not forward your browser to a suspicious site. It is common for scammers to use a similar-looking URL to bring their targets to a duplicated version of a login or contact page.

Always ensure the URL includes the standard ”https://” prefix. If there is an ”s” missing, this could point to something fishy.

This may seem impossible to detect as hundreds of thousands of websites end in .com, but one of the most common methods of deception for an imposter website is to tack on a ‘.com’ ending to their domain.

If you know the website you’re looking for ends in .org, .gov, or a particular country suffix such as .co.uk, then be wary of generic .com domains.

Oftentimes, scammers will send an email or a text message that contains a link. The link may either have a similar-looking domain name or legitimate domain name, but the actual link will bring you somewhere else. This is a very common way people can get caught in a scam.

When you receive emails or texts, use them only as notifications and do not click the links provided. Instead, go to the company’s page by typing in the URL or finding the company on a search engine.

While no one is perfect and typos can happen even on the most legitimate websites, if there are more than one or two errors, this should be a warning sign. Some scammers will put significant effort into making a near-exact copy of legitimate websites, but in general, if sentence structure, grammar, spelling, or design is incomplete or just wrong, beware of entering any personal information.

An SSL or TLS certificate helps you know that information entered on a website is secure by protecting information that passes between web browsers and servers. You can see if a website has an SSL/TLS certificate in your browser. Usually, a lock icon will appear next to the name of the URL.