How to Identify a Malicious Website

One of the ways computers can get infected online is through malicious websites or phishing scams. This happens when a scammer links a user to a website that looks exactly like a familiar site like Microsoft or Google, but is actually the scammer's site. Users will often input their username and password on the malicious site, and the scammer will then have control of their account.

It's possible to avoid these types of scams, though, just by taking a close look at the URL, or website address. Normally we read things from left to right, but in this instance you'll want to read it right to left. This will shed some light on where the website originates, and whether or not it's actually what you think it is.

First look at the domain extension in the URL bar, which for a lot of sites is .com, .net, .edu, etc. This may be something else, like .in, which is the country code for India. If it's a country code, then there's a good chance that site or business is from that country. There are exceptions to this rule, however -- for example, Leo's netcast network TWiT is located at twit.tv, but is not located in the Pacific island nation of Tuvalu. In this case it's used as an abbreciation for "television."

Just to the left of the domain extension is the actual domain, aka the site you're visiting. If all that shows up in the URL bar is "http://microsoft.com", then you know you're on the official Microsoft website. Scammers will try to fool users by putting a familiar name like"microsoft" in their own URL, however. So you may find that the URL actually says "http://microsoft.(something else).com." It may look identical to the Microsoft website, but instead you'll be on the scammer's website. The part of the URL furthest to the left is *not* indicative of the site you're on. This is only a subdomain of a different site.

It's a good idea to avoid clicking links from email, and type out the web address whenever possible. Always double check the URL bar in your browser to make sure it is the site you intend to visit. When it comes to security online, you are ultimately the last line of defense, and simply knowing how to detect scams will prevent you from becoming a victim.