Phishing site would be a site which created very similar to the original website to trap user.
If you didn't take note of several security validation, you might probably entering your user id and password to the phishing site, and the owner of the phishing site will get all your login information and able to access your real account then.
You can always call to those online banking site if you suspect the site is a fake or phishing site.
Here by would be some tips to validate our local Maybank2u site:
1. URL
You have to always be careful and notice the Url of your site.
Take note of
a. URL Protocol : e.g: always be https:// ( for secure online banking system )
b. Domain Name: always be a valid or related domain name and not those xxyyzz.aa
c. Query String: always be a valid query string but not those weired one.
Below figure is Maybank2u site which always reporting latest fake or phishing site.
Take note if you found your current Maybank2u site URL are listed at the red circle in the figure.
2. Always check for security certificate of site owner.
How to check ?
a. Always note on the right bottom site would show a LOCK icon whenever it is a https secure site.
b. Right Click the page > Property of the page > Click on the Certificate button
You will get to know this certificate is issued to which owner.
In this case would be www.maybank2u.com.my
and is issued by www.verisign.com.
Besides, you will get validity period from when to when.
Go for the certificate path tabs and check for the certificate status whether it is ok or not.
3. Be advised that not to open pages via email links or IM links
Those unknown source of links might have hidden query string and will divert the page to a phishing site.