How can I identify phishing websites?

The following are some characteristics of Phishing websites.

Hidden Address bar
Many Phishing websites disable the browser’s ‘address bar’, meaning that the address of the website you are visiting is not visible to you. This is deliberate so that you will not notice that the site you are viewing is a hoax website and not the correct address.

Deceptive URLs.
Phishing emails sometimes show links that appear similar to the web address of a genuine company website. Clicking on these links however will result in you visiting a hoax website. Here are some indicators to be watchful for:

  • If you see an @ character in the middle of a URL, there's a good chance this is a spoof (e.g. https://Betfair.com@ 3574397731).
  • Even if a URL contains the word "Betfair” it may not be a Betfair site.

Examples of deceptive URLs include: www.Betfairsecure.com, www.myBetfair.com etc. Pay close attention to the URL structure. E.g. myBetfair.com is not a genuine Betfair URL whereas my.Betfair.com is (myBetfair.com is totally different domain to Betfair.com). The primary domains used by Betfair include Betfair.com and Betfairpoker.com.

Recommendations:

  • If you think you may have accidentally visited a Phishing website, we're only a phone call away to help you.
  • If you are suspicious whether a website you have visited is an authentic Betfair website please contact antiphishing@betfair.com.

Figure 1: Spoofed Betfair site with deceptive URL
Image

Figure 2: Spoofed Betfair site in decimal format
Image

Figure 3: Spoofed Betfair site with URL containing word Betfair
Image

Figure 4: Spoofing domain name with Betfair as sub domain
Image

Figure 5: Spoofing domain with close spelling (www.betfaiir.com)
Image