Skip to main content

Website spoofing

Website spoofing is the fraudulent practice of creating a fake website that uses the same fonts, colors and overall design as a legitimate website. Fraudsters use this method to deceive customers into entering sensitive information on the spoofed website such as login credentials. Although the spoofed site may appear legitimate, at first glance, there are ways you can confirm you're on a secure and trusted website.

Look for security indicators. Verify the website has a padlock with "https" in the address bar. The "s" indicates that a website is secure. No "s" means the website does not have a security certificate.

View certificate details. Click on the padlock icon next to the URL, to see if your connection is secure and if there's a valid certificate issued to the intended website you're visiting.


Password input icon
Tips to avoid website spoofing
  • Type the intended website's URL into your computer's browser. Be cautious when clicking links from an email or social media, if you're not sure where those links will direct you.
  • Pay close attention to the URL. Fraudsters will often use similar URLs with easy-to-miss spelling or grammatical mistakes.
  • Look for trust seals. These are logos that exist typically on homepages to remind visitors the site is secure.
  • Use a Safe Browsing Report to see if a URL has unsafe content.

More tips to protect yourself.

Fraudsters are smart, but you are smarter. Equip yourself with tips and resources for a more secure banking experience.