how to protect yourself from website cloning

Website cloning is one of the most popular scams among cybercriminals looking to steal money and gain sensitive information from their victims. Continue reading for helpful tips on recognizing and protecting yourself from this harmful cybersecurity attack. 

what is website cloning?

Website cloning occurs when scammers make a copy or “clone” of a website to disguise themselves as a legitimate business. Any website can be the target of cloning - although retail, travel, and banking sites tend to be the most popular. This scam usually intends to gain sensitive information about the victim - such as their login credentials - steal money and damage the credibility of a company. 

Once the cybercriminal has cloned a site, their next step is to get victims to visit it. This is typically accomplished through shared links by emailing, text messaging, or creating social media posts. The messages attached to the links will urge the victim to take immediate and vital action.

For example, receiving an email from your financial institution claiming that your Online Banking login credentials must be authenticated as soon as possible, or they’ll freeze your account. In this scenario, the Online Banking portal they link to would be a clone - giving the cybercriminal access to the victim’s account information and finances.

how to recognize a clone website:

Recognizing a clone website can be tricky because the site will look exactly like the original, besides tiny changes. Fortunately, there are tips to help people recognize a clone website, such as:

1. If the offer appears too good and too generous to be true, it probably is. For example, your favorite retailer texting you about free products or an airline giving away free plane tickets.
2. Pay close attention to the URL and email header. Make sure they match the official site completely. Remember, scammers get away with cloning by making minimal changes. For example, https://www.blueoxcu.org/ is the correct BlueOx Credit Union site, while http://www.bluoxcu.org would be a clone. Can you spot the difference?
3. Messages urging victims to visit a clone website often contain grammatical errors and appear unprofessional. If the verbiage and style used in a message don’t match past communication you’ve received from the company, it could signal a scam. 
    

tips for avoiding a clone website:

1. Bookmark the sites you use often with the legitimate website – especially those that require you to log in or make financial transactions.
2. Always be sure a message and site are legitimate before providing sensitive information – like passwords or security question answers.
3. Pay attention to the search engine results. Real websites are usually listed higher/first because they’ve existed longer and have more traffic.
4. Reach out to a business to validate that a message or offer is genuine before clicking links or responding. If it's a scam, they’ll be happy to help you avoid it and greatly appreciate having it brought to their attention.
    

what's next?

As cybersecurity attacks continue to rise, learning to protect yourself online is more important than ever! Check out our blogs, 10 Common Cyber Security Attacks and Top 10 Cyber Security Tips, for more information on how you can keep yourself and your family safe from digital scams.