Phishing sites are one of the worst things, the you never want to be trapped, because you will lose your identities and money too in case you use same emails and same passwords over different platforms, includes phishing sites.
Rules to fight against phishing sites:
- Never click on links in emails or any groups sent by strangers.
- Never create accounts on newborn, strange sites/ forums if you do not make your own research about those sites.
- For already known phishing sites, there are steps to add them into host-files to avoid probability that your browsers will open those sites, by you, your wife/husband, children, whoever.
BTW, I appreciated the post of o_e_l_e_o.
Another one to be added to your hosts files then.
On Windows, navigate to "C:\Windows\System32\Drivers\etc\", and open the hosts file in a text editor.
On Mac, navigate to "/private/etc/", and open the host file in a text editor.
On Linux, open terminal and write "sudo nano /etc/hosts"
Add the following two lines to the bottom of the hosts file:
0.0.0.0 bitcointalk.to
0.0.0.0 fonstavka.com
Your browser will now be unable to open those two phishing sites.
Read more:
https://support.rackspace.com/how-to/modify-your-hosts-file/So, what is new in this thread?
Steps to add phishing sites, and turn them off are above, what we need is list of phishing site.
So, if you know any phishing sites, please leave them here, I will add them to the list. I hope that we all will make a long list of phishing sites.
0.0.0.0 bitcointalk.to
0.0.0.0 fonstavka.com
0.0.0.0 thebitcointalk.net
0.0.0.0 fonstavka.com
0.0.0.0 lawcommonentrance.com
0.0.0.0 electrum.org.uk
0.0.0.0 electrumclient.org
0.0.0.0 downloadelectrum.org
0.0.0.0 electrumsite.com
0.0.0.0 electrumweb.net
0.0.0.0 electrumupdate.com
0.0.0.0 electrumproject.org
0.0.0.0 mercatox.org
0.0.0.0 bitplace.org
0.0.0.0 coinpalace.org
0.0.0.0 exmo.space
0.0.0.0 poficrypt.com
0.0.0.0 coinsweet.org
0.0.0.0 cryptexcurrency.com
0.0.0.0 crypton-bnb.com
0.0.0.0 cryptexplatform.com
0.0.0.0 crypto-trader24.com
0.0.0.0 24xfast.com
0.0.0.0 24xtransfer.com
0.0.0.0 24xtrade.com
0.0.0.0 24burntrade.com
0.0.0.0 bitusual.com
0.0.0.0 24fastcoin.com
0.0.0.0 social-info.ru
0.0.0.0 margo-event.com
0.0.0.0 www.social-analysis.ru
0.0.0.0 24spacetrade.com
0.0.0.0 24xholding.com
0.0.0.0 ancebit.com
0.0.0.0 24xcointrade.com
0.0.0.0 24bestchanger.com
0.0.0.0 24xhold.com
0.0.0.0 cryptextrade.com
0.0.0.0 tradexblue.com
0.0.0.0 bitmate24.com
0.0.0.0 poficrypt.com
0.0.0.0 evrostyle.net
0.0.0.0 24excoin.com
0.0.0.0 fastchange24.com
0.0.0.0 cryptonplatform.io
0.0.0.0 best-xtrades.com
0.0.0.0 tradexmate.com
0.0.0.0 fixtradecorp.com
0.0.0.0 bitbeaxy.com
0.0.0.0 24bitstamp.com
0.0.0.0 mercatox.org
0.0.0.0 crypto-change24.com
0.0.0.0 bitspace24.com
0.0.0.0 bitbns.org
0.0.0.0 24coindesk.com
0.0.0.0 coinsbank.store
0.0.0.0 xcryptoplatform.com
0.0.0.0 bitshumb.com
0.0.0.0 https://brave-browser.info
0.0.0.0 https://bitblender.eu/
0.0.0.0 https://bounty-brave.info/
0.0.0.0 https://litecoln.org/
0.0.0.0 https://biockcheln.info/
0.0.0.0 http://iocaibitcoins.com/
0.0.0.0 https://iocaibitcoins.com/
0.0.0.0 https://lolibitcoins.net/
0.0.0.0 http://privatemgrgg.pw/vcruntime140.dll
0.0.0.0 https://localbicolns.org/
0.0.0.0 http://localbicolns.org/
0.0.0.0 http://mgsocl.su/api/check.get
0.0.0.0 http://mgsocl.su/api/gate.get
0.0.0.0 http://dress-x.ru/freebl3.dll
0.0.0.0 https://brave-drop.info
0.0.0.0 https://electrum.cash/#home
0.0.0.0 smatmixer.io
Someone did it, but you still can contribute to my list.
SteveBlack's hostsReport phishing site through the pageDisable punny coded phishing sitesSource:
https://winaero.com/blog/enable-idn-punycode-firefox-address-bar/What is punny code?Punycode is a special encoding used to convert Unicode characters to ASCII, which is a smaller, more restricted character set than Unicode. Punycode is used to encode internationalized domain names (IDNs) as a defense against address spoofing. Firefox allows enabling IDN punycode instead of non-Latin letters and Unicode symbols. This can be very useful, as you can find out if the currently opened web page is a phishing site or just a non-official mirror of some web site which you would like to avoid.
Ex: A phishing site of Binance that use punny code
At first glance, the addresses look very similar. Some users may not pay attention to the small dots below the "n" letter, which are there because it is a unicode symbol 'n with a dot below it' (U+1E47). This way, phishing web sites may trick you and make you believe that you are visiting the official genuine site.
For advanced protection, you can
enable IDN Punycode protection in Firefox. With the option enabled, the address becomes like this:
Obviously, it doesn't look like the right web address any more.
If you find this feature useful and would like to enable it, here is how.
To enable IDN Punycode in Firefox Address Bar, do the following.
Read more
here
Punnycode attacks
1. Be cautious if the site presses you to do something quickly. This is a classic strategy by hackers to rush their potential victims so that they are less likely to notice anything suspicious. Often they will offer a ‘limited time only’ deal, and make it difficult to exit the page with ‘are you sure you want to exit’ pop ups: these are all tactics to make you stay on their site longer and give them your details.
2. If you are being offered a deal, go to the original company site and check if it’s available there as well, if not it’s mostly likely a scam doing it’s best to mimic the established brand and trick visitors into handing over their details.
3. If some of the letters in the address bar look weird, or the website design looks different, rewrite it or visit the original company URL in a new tab to compare. The letters in the address bar looking strange is a key indicator that punycode is being used to trick you into thinking you are visiting a well-established brand site when in fact you are being taken to a malicious site.
4. Use a password manager; this reduces the risk of pasting passwords into dodgy sites.
5. Force your browser to display Punycode names, this option is available in Firefox.
6. Click on the padlock to view and inspect the HTTPS certificate.
IDN homograph attackShould-read threads:What to do to avoid phishing sites[LEARN] Phishing Quizzes - Beginners & Experts 
