An untrained eye won't see a hackers trap.

How to tell if a website is trying to hack you

Technophobes tend to bury their heads in the sand.

However, turning away from anything technical is turning a blind eye to the possibility you could be directing a cyber criminal to your accounts. Don't worry though, this isn't rocket science. You don't need the mind of Tesla to get to grips with this. You just need to know a secure website from a risky one.

Can you tell between a real and bogus website? Does the sentence below make sense to you?

 A real domain is the domain to the left of the high level domain:

This means to the left of .org, .net, .com, .co.uk, etc. but there will be no '/' to the left of it. This doesn't include 'http://' though. This may be confusing so to keep it simple, when a website appears like the one below:

http://triple-ecs.net/sa/google.com/support/

If you look to the left of google, there is a '/' but there is no 'http://' - this means it's not a legitimate website as there is no 'http://' to the left of it. This means it is a sub directory. The legitimate domain will always have 'http://' to the left of it in which this case, is not Google. The above example is not dangerous as it's not even real. It's a mock up of what's out there to demonstrate what you need to look out for as landing pages for unsavoury web sites will appear very similar in form to the example above. Some appear like this:

http://www.g00gle.com

This may look obvious, but when fonts are mixed to make 'g00gle' look like 'google', it is so easy to fall foul.

When a hacker mixes and matches this technique with sub domains, sub directories, mispelling techniques like 'rnicrosoft' and so on - we're not talking houdini levels of misdirection but computers cause square-eyes for everyone after 8 hours so it's not difficult to make a mistake and bite a hackers bait.

Beware of hidden URL's too. This is when a hacker uses something called a 'html tag' to hide the real URL on a 'google' link. When you hover your mouse over it, at the bottom left of the page will be the misleading domain. I recommend taking the time to make it a habit to hover over a search result, then verify the domain yourself with the pop up to the bottom left of your screen as this will be the legitimate domain.

For more information, I recommend checking out Nathan House (Cyber Security Expert, Founder and CEO of Station X) at his website https://www.stationx.net/nathan-house/.

Huw Tremlett

Data Management Consultant

Huw Tremlett