Scammer and hackers are using carefully crafted fake domain names or website addresses to trick internet users into believing that they are on a legitimate website. Below is a carefully crafted fake domain name or website address that is being sent in e-mail messages and posted on social networking websites to trick persons into believing that they are on the legitimate Facebook website located at www.facebook.com.
The Fake Facebook Website Address
www.facebook.com.login.php-profile-signin-gkmeydlw.ihtts.com/index.php?s=dot
Looking at the domain or website address, the first thing you will notice is facebook.com. Therefore, you will assume that you are on the social networking website facebook.com, but this is not so. If you go to this domain name or website address, you will actually be taken to the website: ihtts.com.
A hacker or scammer can steal their victims' username, password, credit card information and other information by creating a fake webpage and sending a carefully crafted website address to a fake webpage like the one above to them. Once the victims visit the fake website, they will be asked to sign-in, enter their personal and financial information, but once they have attempted to do so, their account credential and other sensitive information will be sent to the cybercriminals behind the fake website.
When you are reading a domain name or website address, you need to read it from right to left. Reading from the right (exclude “index.php?s=dot”), the first part of the domain name or website address is called the top-level domain (TLD). The top-level domain (TLD) is the highest level in the hierarchical Domain Name System.
In the domain name or website address above, the top-level domain name is ".com" and the second-level domain is "ihtts". If you put both names to together it will form ihtts.com. So, to determine which website you are actually on, you can use the top-level and the second-level domain names. Each domain level is separated by a period or full stop (.).
After the second-level domain name, you can have the third, fourth, fifth and so on. In the domain name or website address above, the third-level domain name is "php-profile-signin-gkmeydlw". And, "facebook" in the website address is at the sixth level.
Let us break the domain name or website address above into different levels. Please remember that each level is separated by a period or full stop (.):
- Top Level: com
- Second-Level: ihtts
- Third-Level: php-profile-signin-gkmeydlw
- Fourth-Level: login
- Fifth-Level : com
- Sixth-Level: facebook
- Seventh-Level: www
Some web browsers actually help their users to determine which website they actually on, by only displaying the top-level and the second-level domains in the address bar.
Before entering any information on a webpage, please ensure that you are actually on the correct website and not a fake webpage on another website created to steal your information. Look at the top-level and second-level domain names to determine the website that you are actually on.