Scams used to be easy to recognise by their awkward language or clumsy layout. However, present-day scammers are quite skilled and often operate professionally.
You should also be sceptical about the links provided by a search engine, such as Google. Scammers churn out genuine-looking imposter websites that sometimes occupy the top search results instead of the real websites.
The purpose of an imposter website is to make people believe they’re visiting the real website, such as their online bank, and to phish among unsuspecting victims for online bank user identifiers or other personal details.
You can end up at an imposter website in other ways too, such as through a link on a web page or pop-up ad. You should be particularly careful if you access your online bank’s login page through a link on a website that you don’t know.
How to recognise a scam website?
Check the website’s correct address in the browser.
The address of a phishing website will often resemble the address of the real site. For example, instead of op.fi, the scammers may have changed the letter o to the number 0, in which case the address would look like this: //www.0p.fi.
By typing your online bank’s address in the browser’s address bar yourself, you can rest assured that you’re on the correct page. And don’t forget OP-mobile! By using our mobile app, you can avoid scam websites’ login traps.
Check the site’s encryption and certificate.
All online banks use encrypted browser traffic. In such cases, the padlock icon shows in the address bar of the login page. If the page is not encrypted, you can be sure that you’re dealing with a fake online bank page.
You can view the website’s certificate by clicking on the padlock. The certificate will show the domain name. On a genuine web page, the domain name is the address of the website that you intended to visit and belongs to the organisation whose services you’re using.