You can detect spoofing by watching out for the following indicators, which are signs you’re being spoofed:
- Website does not have an SSL Certificate: Look at the page URL you are on. Do you see the lock symbol? If you click on it you will be able to see if the website is secure and has a valid SSL certificate. Just beware that some fraudsters also have SSL certificates - so other checks are needed.
- The website does not use HTTPS protocol. Most legitimate websites always use HTTPS. Always be suspicious of websites that use the old HTTP (no “s’)protocol which is less secure.
- Your Password Manager does not appear. Secure Password Management programs such as Dashland and Google are great at detecting spoofed sites. If you happen to land on a spoofed website and your password manager does not prompt you to use it to fill in your information - it is a good sign you are being spoofed.
Check your emails carefully. Look out for odd domains from the sender, embedded links that have unusual URLs, emails with typos, bad grammar or poor layout, or zipped attachments.
Spoofed Phone Calls
Caller IDs are easily spoofed. This is true especially for landlines. Scammers will use spoofed numbers that show up being a caller from your hometown - making you more likely to pick up the phone. The best way to manage this is to let all calls from unknown callers go to voicemail.