How do I tell a legitimate web site from a fake one?
Duration: 3 mins 56 secs
Share this media item:
Embed this media item:
Embed this media item:
About this item
| Description: | Scammers are getting very clever when trying to trick you into entering your personal and work details into a spoof web site, this video will help inform you what to look for to recognise a genuine web site from a fake one. |
|---|
| Created: | 2017-06-28 17:28 |
|---|---|
| Collection: | Cyber Security |
| Publisher: | University of Cambridge |
| Copyright: | Lynn Foot |
| Language: | eng (English) |
| Keywords: | fake; scam; phishing; cyber security; online safety; |
Transcript
Transcript:
How do I recognise a legitimate login page from a fake one?
Scammers will target you with phishing emails. They may include a link to redirect you to a fake web site that appears to be a University web login page, .
If you enter your University username and password, scammers can use your account to commit frauds, such as sending phishing emails on your behalf or on the behalf of the senior staff in your department.
If an email directs you to a website that asks for your University Raven details, BEFORE entering your password, make sure the web page is legitimate.
This is what you SHOULD see and can TRUST. Look in the address bar, and note the beginning of the Raven login address
Make sure that the address begins with “https” and the domain name is correct. The “domain” is the part after the double slash to the next slash. It is the owner of the web site.
A web site that begins with “https” may require you to log in. The 'S' in https stands for “secure”.
A secure site starting with “https” should also have a GREEN padlock icon somewhere in the address bar. Note that browsers may display this slightly differently, but the green padlock SHOULD be clearly visible.
BEWARE. A spoof site may also have a padlock. But look carefully at this web site, there are TWO address bars. This is a FAKE! If you enter your password, your details will be captured.
If you click on the padlock, a pop down box will reveal the web site owners actual name. You can check if it is the site that you expect.
Depending on your browser, this information may be hidden, so ask for advice if you can't see it. But note that a green padlock that cannot drop down is definitely suspicious.
If you use Microsoft Online, the two login addresses look like this. And this. These are safe. We thought you’d like to know that!
But what about web sites other than Cambridge? Be cautious if you see any of the following; web addresses with odd domain names or that include an IP address.
Look for domain names that imitate actual businesses. For example, this Apple web address there is a zero instead of the letter "o" in the dot com. This BBC web address is not part of the BBC's web site, but at first glance it looks valid.
There are several other clues to bogus sites including: No contact details anywhere on the site. Intrusive adverts crowding the page or that are explicit or suggestive; ads that automatically play audio or ask you to take a survey.
Check for safe browsing by entering the web address here.
If you are directed to a suspect page, don’t enter any University credentials or your personal details, first check the site is legitimate. Ask for advice is you are unsure.
Forward anything suspect, the security team will block fake web login pages to protect you and other users. You can also report via your IT department, the service desk or through the web form.
Ask if your computer is protected with anti-virus software, & is your browser is up-to date?
STOP! THINK! Before you CLICK!
Scammers will target you with phishing emails. They may include a link to redirect you to a fake web site that appears to be a University web login page, .
If you enter your University username and password, scammers can use your account to commit frauds, such as sending phishing emails on your behalf or on the behalf of the senior staff in your department.
If an email directs you to a website that asks for your University Raven details, BEFORE entering your password, make sure the web page is legitimate.
This is what you SHOULD see and can TRUST. Look in the address bar, and note the beginning of the Raven login address
Make sure that the address begins with “https” and the domain name is correct. The “domain” is the part after the double slash to the next slash. It is the owner of the web site.
A web site that begins with “https” may require you to log in. The 'S' in https stands for “secure”.
A secure site starting with “https” should also have a GREEN padlock icon somewhere in the address bar. Note that browsers may display this slightly differently, but the green padlock SHOULD be clearly visible.
BEWARE. A spoof site may also have a padlock. But look carefully at this web site, there are TWO address bars. This is a FAKE! If you enter your password, your details will be captured.
If you click on the padlock, a pop down box will reveal the web site owners actual name. You can check if it is the site that you expect.
Depending on your browser, this information may be hidden, so ask for advice if you can't see it. But note that a green padlock that cannot drop down is definitely suspicious.
If you use Microsoft Online, the two login addresses look like this. And this. These are safe. We thought you’d like to know that!
But what about web sites other than Cambridge? Be cautious if you see any of the following; web addresses with odd domain names or that include an IP address.
Look for domain names that imitate actual businesses. For example, this Apple web address there is a zero instead of the letter "o" in the dot com. This BBC web address is not part of the BBC's web site, but at first glance it looks valid.
There are several other clues to bogus sites including: No contact details anywhere on the site. Intrusive adverts crowding the page or that are explicit or suggestive; ads that automatically play audio or ask you to take a survey.
Check for safe browsing by entering the web address here.
If you are directed to a suspect page, don’t enter any University credentials or your personal details, first check the site is legitimate. Ask for advice is you are unsure.
Forward anything suspect, the security team will block fake web login pages to protect you and other users. You can also report via your IT department, the service desk or through the web form.
Ask if your computer is protected with anti-virus software, & is your browser is up-to date?
STOP! THINK! Before you CLICK!
Available Formats
| Format | Quality | Bitrate | Size | |||
|---|---|---|---|---|---|---|
| MPEG-4 Video | 1280x720 | 850.84 kbits/sec | 24.51 MB | View | ||
| MPEG-4 Video | 640x360 | 411.26 kbits/sec | 11.85 MB | View | ||
| WebM | 640x360 | 266.07 kbits/sec | 7.70 MB | View | ||
| iPod Video | 480x360 | 520.93 kbits/sec | 15.01 MB | View | ||
| MP3 | 44100 Hz | 250.55 kbits/sec | 7.46 MB | Listen | ||
| Auto * | (Allows browser to choose a format it supports) | |||||