Detection of Scam Websites

Scam websites come in all colors and forms. The content here ranges from simple advertisements to earn money, to the delivery of dangerous malware designed to shut down entire networks. Often, existing, respectable websites are copied one-to-one by criminals and end up looking deceptively real.

Most common are so-called phishing websites, which imitate registration or login websites of well-known services and forward the entered information, e.g. passwords or credit card details, to the criminals. In most cases, the links to such websites are distributed via phishing e-mails and the recipients are tricked into visiting the scam website under false pretenses.

These tips will help you to protect yourself against scam websites:

  •     Always use up-to-date software when browsing the Internet. In particular, Internet browser updates should always be installed immediately.
  •     Check the Internet addresses (URL) of websites in the address bar of your Internet browser.
    • You can tell from the domain (e.g. "" or "") whether it is the legitimate version of a website. The domain part of the URL can be found between "https://" and the next forward slash ("/") and is now highlighted in most Internet browsers to avoid confusion.


    • Always make sure that the domain matches the website you wanted to visit.

    • For example, if it says "" or "" or "" instead of "", it is most likely a scam website.

  • Make sure you have a secure connection: https:// instead of http://.

  • Check links, especially in e-mails or advertising banners, before clicking on them. Hover your mouse cursor over the link (without clicking on it) and check if it leads to the expected website.

  • Checking the Encryption and the Certificate

    The lock symbol in the browser indicates that received and sent information (e.g. passwords) is encrypted. By clicking on it, you can open more detailed information. A click on the small arrow opens information about the certificate of the website.

    Checking the Encryption and the Certificate
    © Universität Münster

    Legitimate websites nowadays usually always identify themselves with a certificate, which confirms their authenticity and enables the encryption of transmitted data. This allows you to check whether the information in the certificate matches the website you are visiting.

    © Universität Münster