Which of these Halifax Bank URLs is the scam one?

[Nottseagull]

www .halifax-online.co.uk
helpdesk@halifax.co.uk

One of these is given by a scammer; the other is on the genuine log-in page.
But how the hell are you supposed to tell the difference when organizations can change the prefix of their URL instead of the suffix?

 

[Badger]

One of them is an email address and the other is a URL

 

[Bold Seagull]

Safest thing to do is not to click links from emails or other websites, but always type in the banks web address as on your statements or what have you into your browser.

 

[Birdie Boy]

Never trust an email from a bank and never give account details, passwords etc. in an email. Then you can't go wrong. Banks will never ask you for your password in an email, if they di it's highly like to be scammers.

 

[BensGrandad]

Is there a general problem with internet banking for Halifax or is this general warning for future reference.

 

[Bozza]

One is a URL and one is an email address.

However, both halifax-online.co.uk and halifax.co.uk are legitimate and safe URLs to visit...

http://www.checkdomain.com/cgi-bin/checkdomain.pl?domain=www.halifax-online.co.uk
http://www.checkdomain.com/cgi-bin/checkdomain.pl?domain=halifax.co.uk

 

[SurreySeagulls]

When anyone person wants your bank details always give it to them, espically if they promise that you will be given millions of dollars for helping them out.

 

[GYM]

Halifax UK | Bank Accounts, Savings, Loans & Mortgages is the main bank webpage.

Halifax - Internet Banking - Unavailable is the online banking and is where you are re-directed to when going through the main page.

 

[Nottseagull]

Is there a general problem with internet banking for Halifax or is this general warning for future reference.

It's a complaint that instead of using, say, http://www.halifax.co.uk/whatever (which cannot be used by a scammer) they are using variations of this such as the halifax-online one I gave, which is actually the genuine one.

 

[Acker79]

I would also advise not clicking the links even if it looks right, as you can easily www.genuinhalifaxurlhonestitis.org - make a link appear as any text. Set up a legitimate looking sign in page, mask the url.

 

[Lankyseagull]

Ask Howard?

 

[Nottseagull]

However, both halifax-online.co.uk and halifax.co.uk are legitimate and safe URLs to visit...

So what is to stop a scammer setting up a fake site under, for example, the name http://www.halifax-login.co.uk? My point is that they wouldn't be able to set up one named http://www.halifax.co.uk/login, so it looks to me that organizations like Halifax are assisting in their dimmer customers being duped by legitimising these sort of prefix URLs.

 

[Bozza]

So what is to stop a scammer setting up a fake site under, for example, the name http://www.halifax-login.co.uk? My point is that they wouldn't be able to set up one named http://www.halifax.co.uk/login.

I'm, sorry I'm not entirely sure what you're talking about.

No-one other than the bank could do either....

xxxx.halifax-online.co.uk, or
halifax-online.co.uk/xxxx

Now, of course people could register a very similar domain name and use it for bad things which is where you need to have your wits about you. As others have said you need to be very careful when and where you click, and where you enter authentication details.

 

[beorhthelm]

It's a complaint that instead of using, say, http://www.halifax.co.uk/whatever (which cannot be used by a scammer) they are using variations of this such as the halifax-online one I gave, which is actually the genuine one.

but it is genuine. i'm confused.

 

[Acker79]

but it is genuine. i'm confused.

I think nottseagull is saying that if all halifax sites were "www.halifax.co.uk/xxxxx" people would be able to tell more easily that it is a genuine site, (a scammer can't buy halifax.co.uk/login). By having a range of legitimate websites such as 'halifax.co.uk' and 'halifax-online.co.uk' etc, people may not be as cautious when offered a 'halifax-login.co.uk' link (which a scammer could buy and set up) to click on since they are used to seeing a range of base website addresses and it would fit with all halifax's other urls.

I would go back to my point about being able to disguise urls on links, making it pretty redundant. Someone could make it appear that by clicking a link it is taking you to halifax.co.uk/login, even if it actually takes you to halifax-login.co.uk, if the page looks right, most people won't check to look at the url if the link looked fine and the page looks fine.

 

[gazingdown]

As alluded to in one of the posts above, even if a link "looks" right, do not click it. For example...
www.halifax.co.uk

Doesn't link to www.halfax.co.uk but goes to http://www.im-gonna-scam-all-your-money.com - try it above.

Type in the address in the address bar or google search to see what the correct site is. If you use it regularly then have a bookmark.

 

[Nottseagull]

I'm, sorry I'm not entirely sure what you're talking about.

I am grateful to Ackers for explaining it so comprehensively, and am also relieved that he has returned to his usual high standard of posting

 

[Woodchip]

If every URL is registered with a name (such as Jamie), address, company etc, why is it so difficult to catch scammers/phishers ?

Because you can choose to withhold your details from the WHOIS database.

Sent from my phone cause I can