How to spot a spoofed website

You know those emails you get from banks asking you to visit their website to confirm your details?  Those are phishing emails - one half of the ploy to alleviate you of your identity.  The second half of the ploy which comes in the form of a spoof website, and once you click on a link within a phishing email you'll be directed to one of these.

There are some typical characteristics of spoofed websites, typically they will have an IP address (e.g. 43.34.59.42) instead of a friendly URL (e.g. https://blogs.technet.com/james) or they will have an strange looking url which resembles the authentic domain name but have a twist in the tail (e.g. https://blogs.technet.com.spoof.com/james).  It's a trick to catch you unawares and if for the less tech-savvy user this can be a particular problem.

In Windows Mail (Vista), Live Hotmail, Windows Live Toolbar and IE7 we've gone to great lengths to protect users from this kind of identity theft with warnings, alerts etc.  It's worth reading more on this particular subject which leads me on to link to this website I found via the Microsoft Security Newsletter today: https://www.microsoft.com/protect/yourself/phishing/spoof.mspx

If there's one link you send to friends and family today, make sure it's this one. 

Technorati Tags: Phishing, Spoofed Website