Website cloning: Don’t fall for that trap!

Website cloning: Don’t fall for that trap!

Have you watched one of those horror movies where the something impersonates the protagonist only to wreak havoc later? Well, website cloning does the same thing–to your business–in real life. Website cloning is one of the most popular methods among scammers to fleece you of your money.

As the name suggests, the cybercriminal first creates a ‘clone’ site of the original one. There can be a clone of any website, though retail shopping sites, travel booking sites and banks are the favorites of cybercriminals. The clone site looks exactly like the original one, barring a very miniscule change in the url.

Next, they will create a trap intended to get unsuspecting victims to visit the clone site. This is usually done via links shared through emails, SMS messages or social media posts asking them to click on a link to the clone site. The message urges the recipient to take an action. For example, a message that presents itself as though it is from the IRS, asking the recipient to pay pending taxes by clicking on a specific link to avoid a fine or business shutdown, or an SMS about a time-bound discount on iPads. Sometimes, they go straight for the target and masquerade as a message from your bank asking you to authenticate your credentials by logging into your banking portal–the only glitch, the banking portal will be a clone.

Staying safe

So, how do you identify a clone website and a dubious message?

  • Does the email sound too good to be true? Well, then it probably is. Nike giving away free shoes? Emirates Airlines giving you free tickets to Europe? Apple iPhone X for just $20? All of these scream SCAM!
  • Even if the message sounds genuine, such as an email from your bank asking you to authenticate your login credentials, check the email header to see if the sender’s email domain matches your bank’s. For example, if your bank is Bank of America, the sender’s email ID should have that in the domain. Something like customercare@bankofamerica.com could be genuine, whereas, customercare@bankofamerica.net is suspicious.
  • Check the final URL before you enter any information to make sure it is the actual one. Most shopping/banking websites, where payments are made and other personal details are shared are secure (HTTPS)and will have a lock symbol at the beginning of the URL. Also, check the domain. For example, something like- www.customerauthentication.com/bankofamerica is not

Identifying a cloned website is tricky, but it is not something you can afford to ignore.Giving away your personal and financial information to a fraudster can cause a lot of harm to you and your business.

Want more information?

First Name (required)
Last Name (required)
Email (required)
Company Name (required)
Telephone Number (required)

BYOD: Placing limits

BYOD: Placing LimitsIn our recent blog, we talked about the data security concerns that BYOD can bring to your workplace. There is another factor that needs to be considered before adopting BYOD. How much Bring Your Own can your IT...

Multi-factor Authentication Demystified

Multi-factor Authentication DemystifiedYou have probably come across the term multi-factor authentication of late. It is an IT buzzword today and is fast becoming one of the best practices of cybersecurity. So, what is multi-factor authentication, exactly? Read this blog to...

4 Lesser-known benefits of hiring an MSP

4 Lesser-known benefits of hiring an MSPYou are probably aware of the most common benefits of signing up with an MSP such as On-demand IT support: Having an MSP ensures that you get priority IT support when you need it....

Contact Us
close slider

Who should we contact?

Let us know how to get back to you.


How can we help?

What are we trying to accomplish?