Identity cloning is an increasingly common phenomenon. Fraudsters use a wide variety of mechanisms to in order to illegally elicit personal information such as usernames, passwords, dates of birth and addresses with a view to cloning identities. One such mechanism is where a fraudster provides a spoof (or clone) of a website, which to an unsuspecting user appears identical to the original. Believing that the website is the original, the user provides personal information, such as login details or credit card details, which are recorded by the fraudster. A more sophisticated approach is a “man-in-the-middle attack” in which a fraudster provides the clone website and records the personal information, but also passes the personal information to the real website, which logs the user in as normal. In this way, the user does not notice anything different and the fraudster is able to obtain the personal information without alerting the user. This invention was made with a view to preventing these and other similar types of fraudulent activity.