I have always thought that as long as there is a lock icon then the website I visit is safe. it turns out that it's also not necessarily safe if you read your explanation. but I think as long as I don't click on weird ads or enter random emails and passwords on unknown webs. or by ignoring messages from emails or strangers. then I guess I'll stay safe.
Topic: How to detect fraudulent websites. (Read 116 times)
I usually look up reviews aswell... See if other members (or higher) on bitcointalk have had positive experiences with the shop in question. If not, i start looking at review sites, but focus on the negative reviews since positive ones are very easy to buy (eventough sometimes a competitor buys negative reviews aswell).
But yeah, ssl means nothing... Site age *can* be an indicator, but everybody has to start somewhere, so new sites could just aswell be *good*, just like scam sites can be around for many many years (so old sites can be *bad* aswell).
Hidden WHOIS info is sometimes (but not always) an indicator of a *bad* site.
If something seems to good to be true, it's usually also an indicator of a *bad* site.
All in all, it's very hard to distinguish an honest vendor from a scammer, there's no 100% certain way of filtering out the bad apples.
But yeah, ssl means nothing... Site age *can* be an indicator, but everybody has to start somewhere, so new sites could just aswell be *good*, just like scam sites can be around for many many years (so old sites can be *bad* aswell).
Hidden WHOIS info is sometimes (but not always) an indicator of a *bad* site.
If something seems to good to be true, it's usually also an indicator of a *bad* site.
All in all, it's very hard to distinguish an honest vendor from a scammer, there's no 100% certain way of filtering out the bad apples.
It's true, scammers with money won't go the cheap ways to scam people, they will come in sheep's clothes of cos, its the same with those legit looking airdrop swap platforms that want to give away some tokens and tell people to connect their wallet, people would believe once they see the padlock 🔒 available.
Having SSL is only for safety/secured connections while accessing the website (actually it's okay too even it's a http:// only as long you wont putting any personal details, cards, login info, etc.), as described, nothing more. SSL are also free, aside from Cloudflare mentioned above, Let's Encrypt also have free SSL.
What most people should do, is check what services does the website is offering. If it's investment with daily rates, too good to be true offers, obvious its a scam.
What most people should do, is check what services does the website is offering. If it's investment with daily rates, too good to be true offers, obvious its a scam.
Just a heads up that while having SSL is good for website security, it doesn't mean crap when talking about website legitimacy. Anyone can get a free SSL through services like CloudFlare.
- [GUIDE] Use this for identifying Scam/Phishing/ websites & exchanges in crypto
- [Tutorial] How To Report Phishing Email & Create Auto Delete Filter - Gmail User
- Tool For Catch Phishing
Basically you don't have to know too much to avoid phishing attacks. You only simply ignore strange email, strange links, DMs from strangers. That is a very good preventive approach.
In addition, spend a few minutes to do test
You can also find more information on the website by clicking on the padlock and seeing if the owner has linked their address to their certificate or if a more trusted certification authority has accredited the we site's certificate (as apposed to a let's encrypt one).
I use to look out and trust these little padlock icon on my browser every time I visit a website for the first time,
and think it meant I was safe from scam sites until I recently got to find out that though the icon shows you that ''Your connection is secure'', and is usually a first indication that a website is legitimate, it is not an assurance that the website you are visiting and about to put your personal details is not for fraudulent purpose and owned by scammers.
I learned that a browser shows that your connection is secured to a website you visit when the owners of that website have been able to install a certificate that causes data to be encrypted end to end, which means scammers who are technically sound and financially capable can go an extra mile to want to deceive people who are like my former self.
To simply find out if a website is fraudulent when scrutinizing it and everything is looking pretty, You can check for the domain Age using (https://whois.domaintools.com/) and verify it with the age the site owners claim the website has been up and running for, which they usually attach to somewhere on the homepage.
Another method is to check if the website you are about to access can be trusted by validating it on Google Safe Browsing Transparency Report .
source
I hope this is helpful to someone.
and think it meant I was safe from scam sites until I recently got to find out that though the icon shows you that ''Your connection is secure'', and is usually a first indication that a website is legitimate, it is not an assurance that the website you are visiting and about to put your personal details is not for fraudulent purpose and owned by scammers. I learned that a browser shows that your connection is secured to a website you visit when the owners of that website have been able to install a certificate that causes data to be encrypted end to end, which means scammers who are technically sound and financially capable can go an extra mile to want to deceive people who are like my former self.
To simply find out if a website is fraudulent when scrutinizing it and everything is looking pretty, You can check for the domain Age using (https://whois.domaintools.com/) and verify it with the age the site owners claim the website has been up and running for, which they usually attach to somewhere on the homepage.
Another method is to check if the website you are about to access can be trusted by validating it on Google Safe Browsing Transparency Report .
source
I hope this is helpful to someone.
Jump to: