Protect Yourself from Website Cloning: A Guide to Spotting Copycat Websites

Pockit
January 20, 2024

In the digital age, cyber criminals are using sophisticated methods to deceive and scam users and steal sensitive information, like login details to your Pockit account. We prepared this blog post about a tactic criminals are using for phishing purposes called Website Cloning, explaining what it is, how you can spot it and protect yourself and your account:

What is website cloning?

Website cloning is a method where cyber criminals create nearly identical websites to mirror original ones out of malicious motives. The cloned websites have a URL (the site address) very similar to the original and can fool users by exchanging lookalike characters, doubling certain characters in the URL, or registering a domain where a single letter is different.

The website itself is normally almost an exact copy with the same design, logos and imagery, making it hard for users to spot they are in a scam website and giving away their account details.

Why scammers do this?

Cyber criminals use this page to collect login details, passwords, security answers to get access to your Pockit accounts and money.

How to spot a cloned website? 

There are a number of ways that can help you spot a copycat website. Follow our top 3 tips to avoid falling victim:

1. Verify the Web Address (URL)

Pay close attention to how Pockit is spelt to ensure no letters are replaced with numbers or other characters. Criminals will use slight changes to the website address, such as changing “i” to “l” or “a” to “@”.  For example, changing “pockit.com” to “pocklt.com” to fool distracted users and steal their account information.

A good way of ensuring you are accessing the correct website is typing in the address https://pockit.com manually on your browser.

2. Read the homepage

Take a couple of minutes to double-check the site; don’t dive straight into filling out an application form or login information.

3. Is it a paid search engine ad?

Look out for paid-for search engine results. These are the boxed adverts displayed at the top of search engine result pages. Quite often, the official site is the first or second non-paid-for link that appears below the ads.

What else can I do to protect myself?

Download the Pockit App in the Appstore or Google Play. It is a more secure way to access and manage your account directly from your phone.

What can I do if I suspect my account or password have been compromised?

If you believe you shared your password on a cloned website, if you can, please login to your Pockit account using your Pockit app or on Pockit.com and change your password.

If you are unable to access your account, contact us to report the issue and our team will help you.

Remember: Pockit will never ask you to provide your full password or security code over the phone.

By adopting these precautions, you can significantly reduce the risk of falling victim to website cloning and safeguard your sensitive information. Stay vigilant, be cautious!