How to recognise a scam website?

Criminals use scam websites to gain access to other people’s banking user IDs and payment card details. You may find your way to websites or online stores built by scammers through search engines, advertisements or links in messages.

Don’t log in to the op.fi service using links or search engines such as Google. Save the URL www.op.fi in your browser’s bookmarks and only log in to the service through it.

Phishing sites

Phishing sites are websites built by scammers to try to gain access to people’s personal data and banking details. You can recognise them from the following signs.

1. A suspicious address

Check the website address with care. Phishing sites may use addresses that resemble OP’s website or websites of other companies but include small errors or special characters such as info-op.fi or opfi.fi. OP’s official website is available at www.op.fi.

2. Missing page encryption

All online banks use encrypted browser traffic. In such cases, the padlock icon is shown in the address bar on the login page. If the page is not encrypted, you can be sure that you’re dealing with a fake online bank page.

You can view the website’s certificate by clicking on the padlock. The certificate will show the domain name. On a genuine web page, the domain name is the address of the website that you intended to visit and belongs to the organisation whose services you’re using.

3. Bad grammar and typing errors

Phishing sites usually include grammatical and typing errors. In contrast, official and reliable websites aim to use language correctly and create a professional impression.

4. Suspicious requests

Are you asked to enter your banking details or personal data on a website without any good reason?

5. Non-functional buttons and menus

On websites, always check that all buttons and menus work. Phishing sites may be screenshots of OP’s official web pages. In this case, the front page banner will not move and the menus will not work on the phishing site.

You can usually log in to a phishing site impersonating as an online bank using your banking user ID. However, not all login options may not work or some of them may be missing altogether.

What can a phishing site look like?

Scam online stores

1. Offers that look too good

Is an online store full of products or services at unusually low prices? Or are you offered considerable benefits that seem too good to be true? Stop and assess the situation, as the store may be a scam.

2. Unknown payment methods

Be alert if an online store offers unknown or suspicious payment methods. These include forms and apps that can be accessed through a link.
Real and reliable online stores offer generally known and secure payment methods such as credit cards, online banks and mobile payments.

3. Missing contact details and delivery and return terms

Check whether you can find contact details such as the address, phone number and email address in the online store. In addition, you should be able to find delivery and return terms in the online store, as well as information whether the store offers customer service. Scam online stores may leave these details out or provide incomplete information.

4. Negative reviews

Find other users’ reviews and experiences of the online store. Several negative reviews or warnings may indicate that the store is a trap sprung by scammers.

5. Suspicious pop-up windows

Do windows frequently pop up in the online store, requesting your personal data or asking you to download something on your device? This may be a sign of an attempted scam.

6. Outdated or unprofessional layout

Scam online stores may look outdated or badly made. Reliable online stores invest in a professional layout and positive user experiences.