Detection features of phishing websites

Phishing websites often look like the original site at first glance. However, there are often ways to detect the fake. Here you will find some help for this.
In general, it is important to be attentive when visiting websites where sensitive data is entered, and not to click lightly or enter your data without thinking.

Incorrect address (url)

In addition to completely different addresses, addresses that look very similar to the fake one are often used to make detection more difficult, for example by:

  • Omitting or adding a letter or using a similar letter
  • Use of address components of the fake website
  • Use of a previously unregistered top-level domain

Security features are missing

  • SSL/TLS encrypted transmission (https instead of http only)
  • Security icon in the browser (locked padlock)
  • Details of a valid security certificate (click on the lock symbol in the browser)

Fake security features are used

Detection is often difficult. Further information can be found on the following websites:


Anomalies in input fields

Fake bank websites often require PIN and TAN to be entered on the same web page, while original sites never do.

Example of a phishing website (Postbank) → »Click« on the image for an enlarged display
Example of a phishing web page (Sparkasse) → »Click« on the image for an enlarged display