How to spot and report fake websites and pharming scams

06 June 2021
There have always been scammers out to empty your pockets, but with the age of the internet, they’ve managed to get even more clever into tricking you out of your hard earned cash. Pharming and fake websites are a popular way to do this, so read on to know how you can spot them, and how you can report fake websites and pharming scams.
How to spot pharming and fake websites
Pharming is a scamming technique in which attackers redirect traffic of a legitimate website to another fraudulent website with the purpose of spreading malware or stealing sensitive data from victims.
It looks a bit like this. Let’s say you type in Facebook in the URL bar. You think when you you’re going to land on the official Facebook page, but in reality, scammers have found a techy way to send you to a fake website.
This fake website will look exactly the same as Facebook. Unless you're looking for it, spotting a fake website is incredibly hard.
The scammer will be able to see EVERYTHING you’re doing on this fake website page. When you enter your email and password, they can see it and note it. They’ll have that information on you. Now imagine how much damage they could do if they trick you into ‘signing in’ to your bank, using a fake page.
The scammer would have your name, and bank details. They could literally then just sign into your real account as you, and empty your account.
How they do this is quite technical and they use several techniques to make it possible, such as DNS Cache Poisoning or compromising a host to make it possible.
The best way to avoid getting pharmed is to always make sure you have a good antivirus or anti-malware installed and that it is updated regularly. These should be able to detect an edit to your computer’s address cache file and alert you before any damage is done.
Even without antivirus (or if your antivirus doesn’t spot it), you can stop a pharming attack by knowing what to look for.
When you go onto a popular website, in the URL, you should see a padlock in the address bar and ‘HTTPS’ at the start of the URL. This means the website has been validated by an authoritative third party to be what it claims to be. You should really avoid entering personal details, or buying anything on a website that doesn’t have this lock.
If you have been redirected to a fake account, this lock shouldn’t be there, and when logging into a popular site, make sure the HTTPS certificate is present. If you’ve noticed that the certificate has suddenly gone missing while you’re browsing a website - run a mile!
There are also a couple of other things you can look out for. The URL might have an incorrect spelling, or have random letters or numbers before or after it. Also, while scammers do a good job at making a fake website look real, the graphics might not be hi-res and the layout might be slightly off.
How to report a pharming and fake website scam
If you have been a victim of a pharming scam, or have spotted a fake website, there are a few steps you should take. First off, you should let the company who the scammers are pretending to be know what they are doing. Whether it’s a bank, government department or general popular website - if you let the company know, they can take steps to warn other people about the scam.
Often these companies will warn their customers of a pharming scam going around by updating their websites, or emailing their customers letting them know this scam is going around and how they can avoid it.
You should then report it to Action Fraud, which is the the UK’s national fraud and crime reporting centre. You can report a pharming and fake website scam to Action Fraud, using their online fraud reporting tool (Opens in a new window) or, you can directly talk to a fraud advisor by calling 0300 123 2040.
The 03 phone numbers cost the same as a call to local landline phone numbers, even from a mobile phone - so when you call action fraud you won’t be paying over the odds. But of course, reporting online is completely free.
After reporting a scam, you’ll get a police crime reference number and the case will be referred to the National Fraud Intelligence Bureau for analysis by the City of London Police.
Not every report results in an investigation, but every report of fraud helps the government build a bigger picture of these scams and how they work.
It’s important to remember that you can report a pharming and fake website scam even if you have not lost any money or given your personal details.
It’s worth checking out our beginner's guide to scams in general, because even though we are becoming more savvy about these fraudsters, there are new types of scams being invented all the time. So protect yourself and your money!