How to Test if a Website is a Phishing Site

How to Check if a Website is a Phishing Site

Finding out if a website is the real website it is suppose to be or a phishing website is actually much easier than you might think. The secret to checking if a website is a phishing website is to simply analyze the url or the web address of the web page you are on.

A very common form of phishing these days is getting an email from Paypal or Apple that says you account has been limited for one reason or another. There will be a link or a button in the email to go to their website to fix the issue. Most of the time, emails you receive saying that any online account has been limited or frozen for some reason are BS and are phishing links.

If the warning or message you receive in your email about your account is legitimate, you don't have to, and shouldn't, click the link in your email. Instead, navigate directly to the target website in your web browser. Once you log in, if the warning message in your email is legitimate, once you have logged in to the website directly, you will see that warning in your account.

Using the above Paypal example, here is how to easily check if the website you are directed to is actually the Paypal website or a phishing website:

1. Right click the link in your email. This will make a popup menu appear.
2. Within the menu you will see a menu item to copy the url to clipboard such as copy url or copy url to clipboard.
3. Open a plain text editor program on your computer such as notepad (for windows).
4. Paste the url from the clipboard to the text editor by pressing CTRL + V on your keyboard (windows) or Command-C (mac).
5. Examine the part of the url/web address up to, and including, the .com or .net or .org.
6. Using our paypal phishing example, the Payal website is a .com website. If the website is legitimate and not a phishing web site, the part of the url or web address up to, and including, the .com or .net or .org will either contain paypal.com or .paypal.com (again, the assumption here for our example is the website is the Paypal website). For example the url may be a subdomain of paypal.com such as help.paypal.com or accounts.paypal.com which are legitimate. DO NOT hover your mouse over the link in your email and rely on the web address that appears in the status bar text of in the pop up tool tip text as these can be spoofed.

How To Tell If Site Is Phishing Site Right Click Link Copy To Clipboard.

How To Tell If Site Is Phishing Site Right Click Link Copy To Clipboard.

Important points to remember about phishing pages or phishing websites:

• Make sure to inspect the url/web address very carefully as some phishing websites have urls that are very similar to the real website. For example, payspal.com or paypals.com.
• Another thing to watch out for is if the domain extension is what it is suppose to be. In other words, if the web address is suppose .com address, make sure it is not a .net or .org or some other extension that it is not suppose to be.

Second Way to Check if a Site is a Phishing Site: Page Links

Hover your mouse over different links on the web page. Most of the time, people who create the phishing page are lazy. Although the page may look exactly like the real website, the creators of the phishing website don't bother setting the urls for links on the page properly. Most often, if a web page is a phishing web page, when you hover you mouse over the links on the page, they will all show the same exact url in the web browsers status bar.

Third Way to Check if a Site is a Phishing Site: Whois Lookup

A whois lookup is a free tool online that will reveal who the real owner of a website is and how old the website is. Look at the Registered on: entry in the whois lookup. Most often, phishing websites don't last very long because they get reported and taken down. If you do a whois for the website in question, if it shows the website is only a year or two old, good chance the url is a phishing url and not legit.

For our example, if you do a whois lookup for paypal, you will see owner is Paypal.inc, the address and that their website was registered way back in 1999.

How To Tell If Site Is Phishing Site Paypal Whois Lookup.

How To Tell If Site Is Phishing Site Paypal Whois Lookup.

What to do if you Discover a Web Page IS a Phishing Web Page

Best thing to do if you find out the url of the website is a phishing link, report it to Google. Most people use Googe Chrome for their web browser so to report it to them go to https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en