Identifying Obvious Scammers and Their Websites
There are many scam websites on the internet. There are fraudulent bank, courier, delivery, escrow, auction, government, law enforcement, job recruiter, oil companies, employers, immigration, non-government organizations, law firms, consumer stores, pet delivery companies, etc. The list is endless. Any website you encounter could be fraudulent, even if it looks fantastic! Some scammers use scam websites to make fraudulent companies appear legitimate and their scams more believable
Just as importantly there are scammers who say they are, or work for those same companies above, yet they don’t have their own domain or website and they use free email addresses, especially ones chosen to match their supposed company or government name! That indicates that they are scammers! Please also read “Anatomy of a Scam Email”
Always ask a prospective company or governmental agency for the name of their website and if they claim not to have a website, or say their website is under construction or maintenance or development or they removed it because of hackers, they don’t have a website and are probably scammers. If they they are using a free hosted/sub-domain website or a free domain redirect, there are probably dealing with a scammer! (See “Free Hosted/Sub-Domain Websites” and “Free Domains Redirects below)
Many scammers use paid domain websites however some do not for several reasons explained later in this article: (1) they attract more attention from and are frequently posted on anti-fraud sites giving the scam and scammer unwanted exposure, (2) they are frequently removed for abuse and (3) a domain, and therefore a company, can be identified as fraudulent by finding out how recently the domain was registered with www.domaintools.com. See “Paid Domain/Websites” below.
There are some simple ways that some scam websites can be spotted. This article will not make you an expert. Just because a website does not meet the guidelines below, it does not mean its not a scam! If after using the information in this article, you are still unsure as to whether or not a website is a scam, you should post the name of the company, the website and the contact information in the forum and a support person will look at it. There are other articles that can help identify fraud and fraudulent websites:Internet Fraud Support and Information, aa419’s Online Search Tools and ScamChecker Website Scam Checklist and Cyber Crime Ops “Due Your Own Due Diligence” If you find a website that you think is fraudulent please post it on this forum so that others can be warned and an abuse report can be filed against it. You can also submit it to aa419’s BlowaWhistle which is also a investigative tool.
Netcraft’s toolbar is a free add on for Firefox browser which can help identify fraud sites though we do not endorse it. It has a risk rating system for each website, and shows the approximate date the domain was registered. It can warn you when you visit some fake phishing sites.
A Company or Government Agency That Does Not Have It’s Own Domain and Website is Very Suspicious
Almost all legitimate companies and government agencies have websites and domains! (If “http://www.website.com” is the website, the domain is “website.com”) A company or government buys and registers a domain and then pays a hosting company to host a website on that domain. Domains and website hosting cost very little considering their importance in the internet age, so there is almost no reason for a legit company or governmental agency not to have a domain and a website! Unfortunately, “companies” and “government agencies” who want to do “business” with you and don’t have domains or websites are often scammers.
There are “companies” that join and advertise extensively on B2B networks such as Tradekey, Alibaba, Gmdu.net, EcPlaza, Tradeboss, to name just a few. Though many of these companies claim to have thousands or hundreds of thousands of dollars in sales, 100 or more employees, they don’t have their own domain and/or website and only have a website on the B2B network subdomain? That is a good indication they are scammers. B2B networks are infested with them. Never assume that because a company is on a B2B network or is a “Trustpass” or “Gold” member that they are not scammers. Many of these scammers will only use small B2B websites or appear in B2B directories. Please also read: Africa Import/Export Scam.
Be Very Wary of “Companies” Who Say There Websites Are Under Construction or Maintenance
Some scammers claim they have websites but they are “under construction” or “under maintenance”, or they removed their website because of hackers or fraudsters. No legitimate company or governmental agency would make either excuse or any other. Many times the scammer’s website has been removed for abuse. Websites can be created in days, even hours and the fact that they are copied and even hacked, is no reason not to have one as they are essential to doing business in the world today…unless you’re a scammer!
Domains Used Only to Send Out Scam Emails
Some scammers register domains and use them only to send out scam emails which are more believable because they don’t come from a free email address. For example, they will register the domain realbank.com and send out emails from email@example.com. However, when you go to www.realbank.com there will be no website or it will say “under construction” , “coming soon” etc. When you receive an email that appears to come from an email address based on a domain (as opposed to a free email address) always make sure there is a working website on that domain. If there isn’t one, you are most likely dealing with a scammer. Please also read: Official looking free email addresses loved by scammers.
Contact Page and Contact Information
+4470 Numbers Indicate Scam
Find the contact information of the individual or company that owns the website. This information could be on the “contact” page or elsewhere. Any website that has a telephone and/or fax contact number that begins with +4470, +44070, or +44(0)70 is a scam website as the person or company is pretending to be in the United Kingdom when they are actually somewhere else! See +4470 Phone Numbers for more information.
Free or Public Email Addresses are Very Suspicious
Any website that has a free or public email address (such as hotmail.com, gmail.com, yahoo.com, etc.) in the contact information and/or does not have a telephone number and a postal address or at least a company location should be treated with great suspicion! (Pay special attention to email addresses such as @consultant, @barrister, @attorney, or @london which look official but are actually free email addresses. Scammers use these email addresses a lot. See Mail.com Free Email Addresses) for a complete list of these email addresses. If you are unsure if an email address is a free email or not, Google the part after the “@.” If its a free email address, the search will reveal the website of the provider of the free email address. However if its not, the search should reveal the company’s website.
Scammers frequently use free email addresses because they are quick and easy to get and set up, free, anonymous, and cannot be traced. Legitimate companies seldom do.
Mobile Telephone Numbers
In keeping with their need to be anonymous, scammers almost always use pre-paid mobile phone numbers which cannot be traced. Legitimate businesses seldom use them as a main telephone contact number. So contact information that only includes mobile telephone numbers is highly suspicious. Assume a mobile telephone is a pre-paid one. Consult this list: Mobile Phones By Country.You can also use this online tool: Numbering Plans Click on “phone number analysis” then type in the phone number with a “+” in front of the country code. Click “analyze.”
No Contact Information is Very Suspicious
If there is no contact page or contact information, that’s extremely suspicious. Legitimate companies have little reason not to list their contact information, including phone number and postal address, after all they want customers. Scammers are reluctant to list contact information because when their scam websites are discovered, that information can be posted and then Googled. Since they sometimes use the same telephones numbers and email addresses, their next scams and scam websites are more easily discovered. Also, with no contact information or location, a victim cannot contact the proper government agency to see if the company is properly registered. With no postal address, a victim cannot see if the address is real.
Another reason scam sites may have incomplete or no contact information is, many scammers are not “looking for customers.” Instead, victims are directed to the scam sites via other scam sites, scam emails, scam SMS’s and/or scam ads.
If the company sells some product or service look for information on what form of payment they want. Any website that demands, prefers or even mentions payment via money transfer, such as Western Union, MoneyGram, CoinStar, MoneyBookers, Liberty Reserve or Bank to Bank Transfer is a scam website or should be treated as one! Never pay anybody you don’t personally know using Western Union/MoneyGram or any other money transfer company, or Bank to Bank transfer. See Western Union and MoneyGram Indicate Scam. Please note that PayPal’s Buyer Protection has many loopholes which scammers can exploit. See: PayPal and Bank to Bank Transfer.
Any Chinese website selling goods should be treated with extreme caution. Please read Buying from China? Free Hosted/Sub-Domain Websites
There are many website hosting companies that give free hosting of websites on sub-domains of their domains. You can tell a free hosted/sub-domain website because, the name of the website or the URL always ends with the name of the hosting company. such as “webs.com”, “page.tl”, “hpage.com”, “yolasite.com”, “webng.com”, “tripod.com”, “zoomshare.com”, “host.ed.com”, “8m.net”, “spruz.com”, “110mb.com”, “uuuq.com”,” 350.com”, “moogo.com”, “webstarts.com”, “weebly.com”, “freeiz.com”, “herobo.com”, “host-ed.net”, “is.com”, “officelive.com,” “99k.org,” “xtreemhost.com”, “zzl.org”, “zzl.net”, “50megs.com”, “biz.nf” and “comxa.com” are just a few! There are many others! So a URL like www.petfaketransport.110mb.com”, “www.scamsite.hpage.com”, “www.phantomyorkies.webs.com”, “www.scamelectronics.page.tl”, “www.fakejobrecruiter.officelive.com” is free hosted/sub-domain website.
Sometimes there are advertisements for the free hosting company at the top or the bottom of the website so that is another clue. If in doubt, Google the suffix of the domain name, such as “webs.com” or “hpage.com” and if it is a free hosted website, it should take you to the home page of the hosting company. Websites on B2B networks fall under this category.
These free hosted/sub-domain websites are a favorite of scammers. They are free and as anonymous as free email addresses. Additionally, there is no domain registration date or registrant information. which is very important when investigating whether a website is a scam. Be wary of dealing with any business or person connected to a free hosted/sub-domain website, where money is involved.
Very few legitimate business use a free hosted/sub-domain website, which might have limits on bandwidth, data, the number of or size of pages and carries third party advertising. As stated before, they register their own domain and website for a nominal fee.
Scammers know that potential victims will be suspicious of a free hosted website so they hide them behind free domains redirects.
Free Domains Redirects
Several internet companies allow users to sign up for free domains. These include www.smartdots.com www.dot.tk, http://www.com.nu, http://www.co.cc, http://www.freedomain.co.nr, www.cc.cc, http://www.popnic.com, http://www.lyp.nl and www.unonic.com to name a few. The user is able to choose the domain, however, it always ends in a the suffix associated with the free domain. The most popular free domains end in: “tk”; “co.cc”; “cc.cc”; “co.nu”; “tc”; “cz”, “nr; “pn”lyp.nl” and “tf” There are more however. Since, these suffixes are less noticeable that those of free hosted websites, many scammers get a free domain and point it, also known as redirect, to a free hosted website thus making that site look more legitimate.
Paid domains end in “one word” suffices such as “.com”, “.org”, “.biz”, “.ws”, “.us”, etc. Anytime you see a compound or two name suffix such as “co.cc”, “biz.nf” you should be suspicious and investigate further, including, requesting help from a support person in this or any other anti-fraud forum. One of the few legitimate compound or two name suffices is “co.uk” which belongs to the United Kingdom.
When you see a URL such as “www.pettransport.tk”, “www.fakebank.com.nu”, “www.electronicgoods.cc.co”, “www.fakecourier.cc.cc”, “www.jobrecruiter.nr.tc”, www.fakeoil.int.tf” it is a red flag because these are free domains and they are almost always redirected to a free hosted website. Only scammers would attempt to hide a free hosted website. If you are curious, you can figure out the actual URL of the free hosted website by placing your mouse over any menu item in the website. A URL will appear which will show the free hosted website.
There are many scam websites which are on paid domains, in other words, they end in .com, .org, .net, .biz, info, etc. One of the easiest ways to figure out if such a site is legitimate is looking at the domain registration or WhoIs information. You will need to use a utility to view this information: http://whois.domaintools.com Click on, or copy this link to your browser and hit the Enter key. You will see a blank space with the words “Enter A Domain or IP Address”. Type in the URL of the website you are checking into that space, then click on the “Search” button. Move to the bottom half of the page and you will see (1) the name, telephone number, email address and address of the registrant (the person or company that registered the domain), (2) the date the domain was registered, (3) the date the registration expires”. These three facts can reveal even the best designed website, and thus the company, to be a scam.
The date the domain was registered is the most important item in identifying a scam website. Any company whose domain was purchased less than a year ago should be considered very suspicion. Fraudsters try to make their fake companies appear legit in many ways, two of which are (1) declaring that they have been in business for a long time and (2) picking a company name or domain name similar to the name or domain name of a real company, and even copying all or parts of that company’s website, including the design and images (This is called “spoofing”. However, they cannot change the date the domain was registered and it will not conform with the claims made in website’s content. When a company’s website claims it was established in 1995 and the domain was purchased in 2011 the company is almost certainly fraudulent. Additionally, if you go to a website that is supposed to be Bank of America’s website, say its called www.bankamer.com and that domain was registered six months ago, obviously that is not Bank of America’s actual website (which was registered perhaps ten years ago) its a scam website spoofing Bank of America’s website.
Most scam websites are quickly reported and and posted on various anti-fraud blogs and forums and removed for abuse. People are alerted to the scam by Googling the name of the website or the contact information of the scam company. Fraudsters are thus forced to register new scam domains. Most scammers put up a scam website and then send out thousands of scam emails (this is known as “blasting”) and/or post hundreds of ads on free classified or B2B websites referring to the scam website. They know that the website will soon be removed and/or “publicized” but they hope to scam some people before that happens.
Since, very few scam websites survive more than one year, scammers generally only register the domains for one year. So, another indication of a potential scam is a domain only registered for one yea. Most companies intend to be in business a while and register for domains for longer than a year. Some domains, such as a “co.uk” domain require at least a two year registration. Additionally, some scammers may purchase a domain for two or three years just so that they do not attract suspicion.
Contact Information and Identity of Registrant
You can also look at the registrant information which includes the name, physical address and telephone number of the person or entity that registered the domain. In some cases with domains registered outside the U.S. the registrant is not listed. Some registrants use a “privacy service” which hides the registrant’s identifying information and this is a big indicator of a scam. Instead of the registrant’s name you will see “Domains By Proxy”, “Privacy Protect”, “Contactprivacy.com” “Who Is Privacy Protection” or something similar. There are legitimate reasons to use such a service, however, hiding the name of the scammer is the most illegitimate and the most common. Scammers hide the registrant’s information because many anti-fraud forums will post the name of the registrant of a fraudulent website. So people who Google will be able to identify not only the scam website but the contact information the scammers are using. Since the scammers intend to continue to put up scam websites, they will need to hide their “identities” or all their scam websites will easily be discovered and removed.
If the registrant’s identifying information is not protected, look for inconsistencies, for example, (a) a registrant whose address is in a different country that the address of the company listed on the website, (b) an individual registering a domain for a company or governmental entity. The location of the registrant should match the location of the company on the website. The name of the registrant should match the name of the company. Any recently registered domain where the registrant is in a country where many scammers operate such as all the nations in West Africa, including Nigeria, Guyana, Sierra Leone, Cameroon, Benin, Togo, Ivory Coast, or Malaysia or Russia should be viewed with suspicion.
Website Design, Appearance & Content
Many scam sites are created using text and images stolen from legitimate sites or other internet sources which may not necessarily go together and many scammers do not have good English language skills. Looking at the design, text and appearance of a website can reveal whether it could be a scam site. Does the site look amateurish, cluttered and/or disorganized? Do the images look altered or distorted, especially logos? Are there misspellings and/or pronunciation, grammatical or syntax errors? Does the website address match the company name? Is the company name the same throughout the website? Of course, a perfect website can be a fraud also!
Look at what the website text says about the company? Is it specific or general and “generic”? Scammers will frequently use text from other websites that is “interchangeable” and stay away from specifics. Many times if you were to Google portions of the text you would find that it has been used in other websites. That means its more likely that the company doesn’t really exist and the website was just copied from the websites of real or scam companies.
Googling is an important tool in figuring out if a website is a scam. This is important because this forum, along with other forums such as aa419.org, Antifraudintl.org, Cybercrimeops.com, and many blogs, post scam emails and scam websites, including the name of the scam company, its email address, telephone number, address, the URL of the scam website, and officers of the scam company. This information is invaluable in informing the public of a scam website but you have to Google to find it. Google everything, the company name (putting in quotes), the email address, the name of any officer or contact person. When Googling the name of the website, it is important to leave out the “www” or the “http://” Googling the telephone number is very important but there are different formats for telephone numbers. If you Google the number and nothing comes up, make sure you put in an different format, for example, a U.S. number is usually formatted with the area code in parenthesis and a dash between the prefix and the main number, for example, (206) 123-4567. Remember, scammers will change the format of the number to attempt to hide its origin and also to hide it from a Google search. For example, the country code for Cameroon is 237. The format for international numbers is country code with a plus in front if it and then the main number. A Cameroon number would be +237 1234567. A scammer may format the number as 001 23 71234567 so that the country code is not as obvious.
These free hosting services do not in any way tolerate abuse by scammers and remove scam websites when they are notified, however, a scam website can stay up long enough to scam numerous people before its reported and removed. Unfortunately, many times, its only after the scam has been successful and a victim reports it, that the free hosting service is notified.
If there is no menu there is a more complicated way of figuring out the free hosted website domain to which the site is directed and that is examine the page source of the website and locate the Html codename “frame src=” and after the “=” you will see the URL of the actual website. You can view the page source of any website by following the instructions below. For other browsers, check the help section.