Pages:
Author

Topic: Officially visit websites & download apps, not fake ones. - page 2. (Read 908 times)

sr. member
Activity: 1820
Merit: 436
Quote
Don't:
- Google to find official websites because you can find phishing sites.
- Don't search on Google Play or iOS store to find applications.
- Don't click on links that are sent by anyone to install any application.

Google has one of the most notoriously slipshod app approval process, this make it app store most dangerous and anyone trending on it should trend with cautions. I attributed many mistakes to our inability to distinguish between fake and original. Here are some tips:

Check app developer: The name of the developer should be correct in spelling.

Ensure to disable app installation from unknown sources.

Check app permissions: you must be smart with this,  dubious permissions are on app store.

Always read reviews of others.


I guess we always end up googling a lot of things on the internet and we cannot really avoid it.

I think we just need to be aware of the website we are going to visit most of the time when you google a website the first one that is going to appear is the legit one and you can easily tell most of the time when something is wrong about it. But for sure you are going to have doubts if you don't know or its your first time visiting the website.
hero member
Activity: 2142
Merit: 670
Hire Bitcointalk Camp. Manager @ r7promotions.com
..snip..
That's absolutely true, only searching directly the application on the play store/AppStore is not recommended enough. There are several fake applications that may be very difficult to differentiate. Moreover for the newbies who don't know exactly about the right application.
Let's say how MEW also seems to be imitated by the fake MEW App. It has been from along time ago and the scammer always renewed it until nobody realizes it. And of course, there may be several other similar cases that point out the fake applications that we may not aware of it.

Actually, this article is good enough for us to spot out the fake Andoird application. AN dit can be sued for any kind of application. Let's have a good read here:
https://www.howtogeek.com/341905/how-to-spot-and-avoid-fake-android-apps-in-the-play-store/

Watch out "scammer's everywhere"

There are a lot more ways to validate a website's legitimacy, but this is all I can think of for now. Smiley
Yeah, there may not be only using one point to download the official application.
1. Visit the official website, ensure that the site is the official site. we can look at the URL link or its domain. Scammers may also create a certain similar website but different URL characters, domain name characters, and also the TLD.
2. Join the official telegram group pr other social media. Be careful, many scammers also create a fake telegram group. We must confirm it with the information on the official website.

then, after confirming the right place, we and download the application from the link provided on the website or official telegram group.

This is actually what mostly I did every time going to download certain applications. It is better than being confused on the play store to find the right application.
sr. member
Activity: 1232
Merit: 379
Additionally to the ones you said, in order to avoid downloading phishing apps from stores, cryptog users be practice in checking in on social media page. This is another way of winning bad hackers, social media page carries the correct and legit URL of website of projects. Absolutely, newbies falls into this victim at all times so this information would probably help allot.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
A simple pro tip to visit official crypto related sites from one place is coinmarketcap.Yes it is.

You can find almost every crypto related websites with official links so you can trust them while visiting and also it is good to double check the link once you entered into the official site.
coinmarketcap.com is a legit site but it is not wisely to rely on a single site to find what you need. Start with coinmarketcap.com and double or trible check with results you get from other search engines.

A legit site can be compromised, we simply don't know when and how it will be compromised. We can only take care of ourselves and our capital.
I never said we should rely on coinmarket for every kind of search but we can use this website to cross check with our results on google or any other search engines.But whenever I want to visit an exchange I use coinmarketcap to save time and I will always check the URL after entered into the exchange.
hero member
Activity: 2240
Merit: 537
FREE passive income eBook @ tinyurl.com/PIA10

coinmarketcap.com is a legit site but it is not wisely to rely on a single site to find what you need. Start with coinmarketcap.com and double or trible check with results you get from other search engines.

A legit site can be compromised, we simply don't know when and how it will be compromised. We can only take care of ourselves and our capital.

Fear not my young padawan. After Binance acquired CMC, we have this guy to assure everything is a-ok.


Jokes aside, it's always better to have more reference
hero member
Activity: 1722
Merit: 801
A simple pro tip to visit official crypto related sites from one place is coinmarketcap.Yes it is.

You can find almost every crypto related websites with official links so you can trust them while visiting and also it is good to double check the link once you entered into the official site.
coinmarketcap.com is a legit site but it is not wisely to rely on a single site to find what you need. Start with coinmarketcap.com and double or trible check with results you get from other search engines.

A legit site can be compromised, we simply don't know when and how it will be compromised. We can only take care of ourselves and our capital.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
A simple pro tip to visit official crypto related sites from one place is coinmarketcap.Yes it is.

You can find almost every crypto related websites with official links so you can trust them while visiting and also it is good to double check the link once you entered into the official site.
hero member
Activity: 2156
Merit: 803
Top Crypto Casino
I actually do google for official website when I want to get the site or install some software, but I don't just click on the first google result, instead I look at mentions of it from multiple sources and check that they all lead to the same address.

It's actually easier to verify the more popular sites, because they will be mentioned by other sites a lot, so despite all the phishing, you'll easily find the real one, but with some less obscure things, it's hard to find even the references to them. For example, it's hard to find a legitimate cracks for software by googling and nearly all results will have malware, and you'd need to get to some specialized forums to find links to relatively safe cracks.

It seems so wrong that a phishing/ malicious site could actually rank better than the original if that ever happens.

Usually those "top" results are from Google Ads. I fell for it once and shit, it was scary af.

Ranking such websites only require Black Hat SEO, they will rank fast but as soon as Google discovers them they will get banned. Still, if they rank on the first page for just 48 hours their job will be complete as many fools will open their links without even noticing the URL address.

Therefore always check the URL of a website before downloading or uploading anything.
hero member
Activity: 2240
Merit: 537
FREE passive income eBook @ tinyurl.com/PIA10

Not true. Google and other major search engines accept money from scammers to boost sites to the top of search results. Malicious sites often appear as the very first link.


Take a look at this, how pathetic.
legendary
Activity: 2268
Merit: 18748
For example, it's hard to find a legitimate cracks for software by googling and nearly all results will have malware, and you'd need to get to some specialized forums to find links to relatively safe cracks.
The only "safe" crack is one in which you have personally reviewed all the code yourself prior to compiling and running. If you do not have the knowledge to do that, then I would say there is no such thing as a "safe" crack.

The problem with these pieces of software is that you have no idea who has written them, and they are widely downloaded, often by people with very limited technical knowledge. Most anti-virus and anti-malware software will stop them from working, and so people will either whitelist them or disabled their anti-virus while they install them. They are therefore a very easy way to distribute malware. If you are going to use something like this, then I would suggest only using it on a computer which has no personal information at all, doesn't log in to any of your online accounts, and certainly has absolutely no connection to your bitcoin wallets.

Also, search engines aren't fake, and most results would probably result in the official site first before the phishing sites.
Not true. Google and other major search engines accept money from scammers to boost sites to the top of search results. Malicious sites often appear as the very first link.

Additionally, if you were to look up using search engines, you may chance upon a phishing site and an official site, with a bit of a good eye, you can notice the difference and see which is fake or not.
Not necessarily. If you don't know what the official site is (and why would you if you were Googling for it), could you tell which one was the real site between (for example):
  • blockchain.com
  • block-chain.com
  • blockchain.org
  • block-chain.org
hero member
Activity: 2240
Merit: 537
FREE passive income eBook @ tinyurl.com/PIA10
I actually do google for official website when I want to get the site or install some software, but I don't just click on the first google result, instead I look at mentions of it from multiple sources and check that they all lead to the same address.

It's actually easier to verify the more popular sites, because they will be mentioned by other sites a lot, so despite all the phishing, you'll easily find the real one, but with some less obscure things, it's hard to find even the references to them. For example, it's hard to find a legitimate cracks for software by googling and nearly all results will have malware, and you'd need to get to some specialized forums to find links to relatively safe cracks.

It seems so wrong that a phishing/ malicious site could actually rank better than the original if that ever happens.

Usually those "top" results are from Google Ads. I fell for it once and shit, it was scary af.
hero member
Activity: 2702
Merit: 672
I don't request loans~
It's all about judging something from its external appearance tbh. Anyone can notice a fake site as long as they pay much attention, especially when trying to visit a new one. Also, search engines aren't fake, and most results would probably result in the official site first before the phishing sites. Additionally, if you were to look up using search engines, you may chance upon a phishing site and an official site, with a bit of a good eye, you can notice the difference and see which is fake or not. Most phishing sites just adjust the name to MAKE it look like the original.

What to avoid is opening sites in forums and the like especially if the link title seems suspicious (first time seeing it for example). That, or when you see a link being spammed across various threads in a forum, avoid it, completely. That's one way to ensure safety.
legendary
Activity: 3024
Merit: 2148
Don't:
- Google to find official websites because you can find phishing sites.


I actually do google for official website when I want to get the site or install some software, but I don't just click on the first google result, instead I look at mentions of it from multiple sources and check that they all lead to the same address.

It's actually easier to verify the more popular sites, because they will be mentioned by other sites a lot, so despite all the phishing, you'll easily find the real one, but with some less obscure things, it's hard to find even the references to them. For example, it's hard to find a legitimate cracks for software by googling and nearly all results will have malware, and you'd need to get to some specialized forums to find links to relatively safe cracks.
legendary
Activity: 2170
Merit: 1789
I think if you give advice about the official site address associated with crypto I think this is good. You can classify them into many categories. For example, Exchange Address, Wallet address, etc.

It's not really a bad idea but what that's just repeating what others already said, which is trusting another source without proper DD. I think the point that newbies should get from this thread is that if you don't know an official website of service, then look it from multiple sources. After that, always verify the apps you've downloaded to make sure you don't get a fake one.
hero member
Activity: 1400
Merit: 770
Official website: https://www.binance.com/en

Many fake sites that harm us. They are very good at using loopholes, making web addresses look like the original,same interface. I think if you give advice about the official site address associated with crypto I think this is good. You can classify them into many categories. For example, Exchange Address, Wallet address, etc. Sory this is my opinion, if wrong ignore it.
legendary
Activity: 2268
Merit: 18748
There are a lot more ways to validate a website's legitimacy, but this is all I can think of for now.
One of the best ways to prevent yourself from being a victim of phishing is to use a good password manager. It will not be fooled by similarly spelt domains, .orgs instead of .coms, homograph attacks, and so on. If you have it set up to auto-populate the username and password boxes and it fails to do so, then it means something is amiss.

Check app developer: The name of the developer should be correct in spelling.
Ensure to disable app installation from unknown sources.
Check app permissions: you must be smart with this,  dubious permissions are on app store.
Always read reviews of others.
You are correct in your suggestion not to trust the Google Play store or Apple App store, as they frequently host fake and malicious apps. The suggestions you have given do not prevent a user from downloading a fake app, though. In terms of the developer name, it is possible to use a name which appears legitimate or so similar to the real thing to be impossible to tell apart. If you saw six bitcoin wallet apps, for example, being developed by "Bitcoin Core", "Bitcoin Wallet", "Bitcoin Core Wallet", "Bitcoin developers", "Bitcoin Wallet developers", and "Bitcoin Core developers", would you be able to tell which one was the real thing? Most apps ask for unnecessary permissions, but the only permission an app needs is access to the internet and it can send your username/password/seed phrase/private keys/whatever to a scammer. Disabling app installation from unknown sources does nothing to prevent downloading scams from the app stores, and reviews can easily (and often are) faked in huge numbers.

The best way to download apps is directly from the developer, and verifying its signature prior to installing.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
<…>
  • Always visit https sites.
<…>
That is really only going to ensure that the data you transfer/receive over the internet is encrypted, but it does not mean much nowadays in terms of the reliability of the site you connect to.

This is from a while back, but show us just how much the padlock means nowadays:

PhishLabs, the data source behind the link in the OP,  has an update report, and now places the mark at 68% for phishing sites using SSL (see https://info.phishlabs.com/blog/apwg-two-thirds-phishing-sites-ssl-https). Although their data for some Quarters decreases in percentage, it’s fair to assume that SSL certificates is a non-trustworthy indicator on its own, and that the assumption needs to clearly be demystified.

hero member
Activity: 1344
Merit: 540
Ensure to click the padlock icon to verify the security details.
Ensure all sites are https means the padlock will be locked and that the connection is secure but very possible the sites itself to be scam is not ruled out, they can actually be scam. But you are right, the connection to the site is secure and contain no malware, so the information is useful.


Those padlock signs and SSL are not an assurance that everything is perfect, and it's easy and cheap to get a SSL certificate.

I think it is not discussed is how you access your crypto, if you have the habit of always opening your wallet using "Public Wifi", chances are one of this days hackers can intercept your details like passwords and private keys. And then took all your crypto belongings in one swoop.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
Ensure to click the padlock icon to verify the security details.
Ensure all sites are https means the padlock will be locked and that the connection is secure but very possible the sites itself to be scam is not ruled out, they can actually be scam. But you are right, the connection to the site is secure and contain no malware, so the information is useful.

legendary
Activity: 1134
Merit: 1598
But your advise here is not good. Social accounts can be hacked and compromised too so don't rely on any third party websites, search engines to visit official websites.
For sure, hence why I said that checking from multiple sources is something I advise. Almost anything could be compromised in the online world, so I'd rather not believe anything and be safe than skip a website verification and have damage occuring to my wallets.

At least with social media you can see when a certain change happened. If you have a website and someone gets to hack it, it could be as simple as the criminal redirecting your real site to his fake one. Chances are way lower to get onto a fake site if you verify whether the same link corresponds on multiple sites (e.g. an older article mentioning the website, a social media account, a Bitcointalk thread, maybe even asking a friend who uses it etc).
Pages:
Jump to: