Research indicates that the majority of users are unable to spot phishing Websites. In a study commissioned by VeriSign in the U.S., researchers asked users to identify fraudulent phishing sites from images of Websites placed side by side. A whopping 88 percent of users frequently missed the most obvious "tell tale" indicator which was the misspelling on the site which would have identified the phishing site.
How do you ensure that your online user experience is not affected by fraudulent sites? Here are VeriSign's top five tips to distinguish a real site from a phishing site:
1. https:// in the URL: The "s" in https:// means the site is encrypted,
so the information you enter is secured. While some phishing sites
do have a secured Web address, many do not. Therefore, site visitors
should be on the lookout for missing security on sites that should
2. The padlock icon: To be meaningful, this icon must appear in the
actual browser interface and not inside the content of the page itself.
3. Trust marks: Simple visual cues in the form of popular logos can show
that a Web site is authenticated and secured, and that a company is
4. Check the Web address: Be suspicious of any site with an unknown domain
that contains the name of a well known site in the latter part of the
5. Green address bar: Signifies that a site has undergone extensive
identity authentication so that you can be confident it is the site it
claims to be.
And, to test if you can tell tell the difference yourself, take the Phish or No Phish Challenge.