How to suss out if that website is fake

This week, level up your defences in the online world and stay safe. Cyber up, everyone! It’s so crucial when it comes to protecting our money.

You know that uneasy feeling in the back of your mind as you’re about to buy something on a site for the first time? It’s that niggling doubt about whether it’s legit. What if it isn’t?

That. Would. Not. Be. Good.

Looking up a website using a Whois service

One way to double-check before keying-in your card details is to look up the website itself. You want to make sure it wasn’t just made yesterday, last week or last month. One way is to use a ‘Whois’ site. There’s quite a few out there and this is a good one: whois.com/whois.

If you key-in the Sorted website, for instance, you can easily see how long we’ve been New Zealand’s independent, impartial source for personal finance information.

Sorted has been registered since April 2001, and this year we’ve been celebrating our 20^th anniversary.

So this is actually a quick, easy way to double-check suspicious websites. Many look like the real thing, but these days even fully functional fakes can be bought on the dark web and set up quickly by fraudsters. It doesn’t hurt to check.

The scammy ones have usually been set up recently, so by checking the registered date you can avoid many of the wolves digitally dressed in sheep’s clothing. Skip any sites that haven’t been around long.

Make sure the website is secure

There are a couple of ways to check out if a website is secure.

• Make sure https rather than http is at the start of the web address (URL) in your browser.
• Also look for the padlock symbol next to the URL.

These signify that the connection is secure, and any information sent between your browser and the web server is encrypted and can’t be copied.

It’s important to not buy anything or submit any personal information (like payment details, email, password or even your name) on a website that isn’t secure.

Where to report your cyber issues

When you come across something suspicious in the cyber world, be sure to report it to CERT NZ. They’re the government agency that helps us identify cyber security issues and get through when things go pear-shaped.

Keep safe online with these steps

CERT recommends 4 steps to level up your online defences:

1. Upsize your passwords. We all know that passwords need to be complex enough to protect us, but did you know we should have a unique password for each site we log in to? Most of us have got pretty good at creating long and complex passwords, but we tend to use them over and over as they can be hard to remember. Unfortunately, this puts all our accounts at risk if one is attacked. That’s where  a password manager comes in – it's a vault that keeps track of your passwords and keeps them all safe. Here’s how to create a good password and store it safely.
2. Upgrade to two-factor authentication. Sometimes called ‘2FA’, this is where as well as using a password, you enter a temporary code (usually from a phone app)  – adding that extra layer of security. Here’s how to turn on 2FA.
3. Uphold your privacy. Be careful about the information you share about yourself online. We share so much of ourselves now – about our kids, our pets, our friends and family. It’s a great way to connect, but your information can be used to get access to your accounts. How often have you used the name of your pet as your password or security question? It’s a good strategy to lock down your social media account, so only those you know can see it, and to pause before you share things online. And every time you’re asked for your personal details, double-check it’s legit. Here’s more on how to protect your privacy.
4. Update your apps and devices. All those annoying updates don’t just get you the latest bells and whistles, they also fix the latest bugs and security gaps, and keep the viruses out. Making your updates automatic helps. Here’s how to stay up to date.

There’s more at cert.govt.nz/cybersmart.