This is a guest post from Tom Mahoney, Director of Merchant911.org.

Fake websites can be dangerous to your bank account and your identity. Fortunately, they are easy to spot if you just take a few seconds.

Remember that no company, whether it’s your Internet Service Provider or your bank or even the IRS, will ask you for a username, password, or sensitive financial data via email. They just don’t do it. Be especially wary of an email that contains a link for you to click to provide information. In almost every case, that link will take you to a fake website commonly known as a Phishing site. It may look just like the real thing but any information you type in and submit will go to a thief.

Whenever you are filling out a form containing sensitive information like passwords, or financial data like credit card numbers, be observant. The URL in the address bar should begin with https – not http. The S in https indicates that it is a secure site and the information that you enter will be encrypted before it is sent over the Internet. If the URL is http:// the information will not be encrypted and you probably shouldn’t send it.

Check that URL again and make sure that the site is really what it appears to be. In most cases the company name will appear right after the https://www part of the address. If it appears near the end of the URL, chances are it’s a fake site.

https://www.somewebsite.com/someplace/ChaseBankLogin/ is not a Chase Bank page. If you really want to go to a particular website, do it by typing the address in the URL address box, not by clicking a link in an email.

Look for a small icon of a locked padlock somewhere in the window of the browser outside the page display area.  That should appear whenever you are on a secure site. Internet Explorer displays the padlock in the lower right corner of the window, FireFox displays it in the lower left. The latest version of IE displays the lock right in the address bar.  Be aware that this in not just an image. The padlock is a clickable link that will display security information about the site.

Spotting fake websites that are designed to steal your information are not hard to spot. A little vigilance and some common sense are all that’s needed. If the URL is right and the padlock is visible, chances are good that the site is legitimate. If you have any doubts, close the window, open a new one, and type in the URL of the site you want to visit.

And remember that email from companies that ask you to click a link and provide confidential information are not valid. Ever.