Fake bank websites are becoming more common and sophisticated as cybercriminals create ever more realistic frauds, new research has found.
The banks most frequently targeted for fake websites in the UK are HSBC, Royal Bank of Scotland, NatWest, Barclays, Reliance Bank, ING Direct, Lloyds Banking Group, and Standard Chartered.
Many of the websites look incredibly realistic, with identical logos and banners to their genuine counterparts.
Even the web addresses (URLs) can be very similar. For example, the address of the webpage shown above is www.r-b-s-online.co.uk instead of www.rbs.co.uk.
The antivirus solutions firm Bitdefender, which conducted the research, has provided this advice to help spot fake bank websites:
- Do not make an online payment unless you are 100% sure it is a genuine website.
- Check the list of UK unauthorised banks if you are dealing with an institution you have not heard of before.
- Double check a banker’s or seller’s identity when he calls or sends an email promoting a bank.
- Check WHOIS information about the domain registration, hosting and online activity. Fake websites are usually registered for less than a year and are registered to anonymous email addresses like: firstname.lastname@example.org.
- Maintain updated antivirus software.
- Stay vigilant. If you see unusual financial activity in your bank statement, notify your bank.
Around 26 million people use online banking in the UK and the number is growing by around three percent each year. In 2011, more than £28 million was lost to online banking fraud.
Cybercriminals have also started targeting professionals in the finance sector by creating websites for completely imaginary companies, instead of imitating the websites of existing ones.
These sorts of scams account for almost a third of all fake bank websites.