Author

Topic: Steps to check potential phising links (Read 681 times)

legendary
Activity: 2324
Merit: 1604
hmph..
July 01, 2019, 03:11:59 AM
#31
One thing I don't like about http://redirectdetective[dot]com is that it's not even secure,  Smiley




As far as i know, browser give notification "not secure" is for all of website does not using SSL. even they are not a phishing sites, browser (chromium based) will give same notification. so, user can be aware about domain name with thats warning.


For all newbie member, in case you are forget to check website/link like this tutorials, i suggest you to install browser extension cryptonite by MetaCert. free version is available. 

Code:
download: https://metacert.com/?utm_source=CryptoniteByMetaCert
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
June 26, 2019, 09:13:07 PM
#30
It is also possible to know the site for clickable sites except the shorten link. You can right click the clickable link and paste it on the other browser tab then you will be able to know the hidden link especially if your not using a computer where hidden links won't show unlike the computer where you just point the arrow to the clickable link and the link will be shown below as seen in the op. There is also a browser extension that blocked sites but it is not sugggested as browser extension may be harmful if installed. The safest thing to do is add the phishing links to the file host as stated in the op's final step.
full member
Activity: 924
Merit: 221
June 26, 2019, 05:43:03 PM
#29
Nice one OP thank you for the wonderful information younhave shared. Yes, I have been a victim of phishing before with one of my online games account and had been careful enough to visit any sites to which it leads me.not to visit at all possible phishing sites I think.

Now that I have the idea on how to check possible phishing sites then for sure I can go visit sites and have the idea on identifying it if it is a possible phishing site. Thanks to this OP.
full member
Activity: 462
Merit: 155
June 23, 2019, 03:09:41 AM
#28
Knowing the URL link if it is a phishing site or not is just one of the first steps in identifying if it is one but surely it isn't enough. Some phishing links really do have a carbon copy of the real website and they also get a convincing domain name (if you aren't familiar with their real domain of the website) to come with it so really being an observant people and looking at security patches and logos is your only way of telling if its a phishing website or not.
Exactly. So, to avoid this, one of the best thing to do is using bookmark tools, that are available on browsers. I also wrote a guide about this months ago. Please check. [GUIDE] Using bookmark tool in browsers to mark bitcointalk topics/ posts
hero member
Activity: 1806
Merit: 672
June 09, 2019, 01:50:45 PM
#27
Woah these are very helpful actually I dont know about that second one "pointing the cursor" and you will see the link on the lower left corner.  Grin
Knowing the URL link if it is a phishing site or not is just one of the first steps in identifying if it is one but surely it isn't enough. Some phishing links really do have a carbon copy of the real website and they also get a convincing domain name (if you aren't familiar with their real domain of the website) to come with it so really being an observant people and looking at security patches and logos is your only way of telling if its a phishing website or not.
full member
Activity: 462
Merit: 155
April 17, 2019, 01:48:17 AM
#26
Today, I saw another user mentioned about new phising site of blockchain.com, so please bookmark your most favorite sites, and be careful when you log in your accounts on blockchain.info to avoid get trapped by phising site.
WATCH OUT MALICIOUS BLOCKCHAIN.INFO WALLET PAGE!! (by wwzsocki)
newbie
Activity: 259
Merit: 0
April 15, 2019, 04:05:35 AM
#25
Thanks for such kind of information as i am a newbie i always get conflicted with phising links my friend lost his 2 ether when he get logged in into a phising link of idex.market and this topic will must help him to get rid of this problem. May i know is there any extention to filter out any phising link like ad-blocker ?
full member
Activity: 462
Merit: 155
April 15, 2019, 12:31:43 AM
#24
There are also some browser's extensions that can prevent these kinds of phishing websites. You can install these kinds of browser extensions to extend your security browsing over the internet or use some website to identify if the particular website is included on some blacklist for suspected as a phishing site.
Check this out : [GUIDE] Use this for identifying Scam/Phishing/ Websites & Exchanges in Crypto
I added your topic into the SHOULD READ LIST in the OP, however I don't prefer to use browser's extensions because it will lead to another issues with potential harmful browser's extensions.
Personally, secure our devices by taking careful with all things we do when try connecting to Internet, sites, and so on are enough.
- Bookmarking all trusted, mostly used sites in browser.
- Don't visit unfamiliar sites.
- Don't hurry, and lazy too much to instantly double click / click on links and fall into traps.
- Don't be greedy with strange links that provides airdrops, bounties, give aways, and get trapped.
- Prepare more knowledge, and skills to secure our devices.
- Try to avoid visiting strange sites on mobile devices.

For all those things above, carefullness is the most important thing to keep us safe!
We can have a lot of knowledge, skillful, but if we are careless, we will get trapped some day.
legendary
Activity: 2506
Merit: 1394
April 14, 2019, 10:57:39 PM
#23
There are also some browser's extensions that can prevent these kinds of phishing websites. You can install these kinds of browser extensions to extend your security browsing over the internet or use some website to identify if the particular website is included on some blacklist for suspected as a phishing site.
Check this out : [GUIDE] Use this for identifying Scam/Phishing/ Websites & Exchanges in Crypto
sr. member
Activity: 826
Merit: 265
April 11, 2019, 08:20:58 PM
#21
There is a thread created something like this before and i hope this can be added for reference also

https://bitcointalksearch.org/topic/crypto-scam-howto-protect-yourself-4264404

And another one is to find scam sites

https://bitcointalksearch.org/topic/how-to-know-if-the-website-is-a-scam-there-you-find-it-4456502

Hoping the threads is helpful for others and most importantly for newbies and those who love to browse via internet
hero member
Activity: 3150
Merit: 636
DGbet.fun - Crypto Sportsbook
April 11, 2019, 06:21:44 PM
#20
Hey, I've been looking for a site like this. Thank you for sharing this site, this is really helpful. Phishers do really use link shortners to hide the real link they are sharing.

They will add some interesting captions and statements relative tovthe topic and at end they'll put that link.

No problem. If someone can point to a browser extension (firefox / chrome) that allows users to hover over a link and receive the eventual website address, do share on this forum. Would send merit your way.  Haven't been able to find a plugin with that functionality, the rest all require copying and pasting of addresses which is a hassle.
Will do, if I've found an extension that this kind of function, I'll notify everyone here quickly. I understand what you are trying to convey and I felt that, we have to check it like the tutorial you have given and it consumes time.

Unlike hovering it to the link, you can already check what's the true link behind that shortener.
legendary
Activity: 2758
Merit: 6830
April 11, 2019, 01:31:43 PM
#19
For most famous redirect website, you can just add a "+" (plus symbol) at the end of the URL and you'll go to a page where it shows everything about the redirection link (the final destination, clicks, stats, etc...).

Example:
https://bit.ly/2Vzd1C9+
legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
April 11, 2019, 01:00:53 PM
#18
...
Not sure why Baofeng stated the site does not really secure. Did you get opinion of Baofeng?
One thing I don't like about http://redirectdetective[dot]com is that it's not even secure,  Smiley



I think because he is using http instead of https (BTW it was whotookmycrypto who mentioned it not Baofeng, sorry for that)  Cheesy
There is nothing to fear, I just used virustotal to scan it and the result was 100% clean
full member
Activity: 462
Merit: 155
April 11, 2019, 12:30:14 PM
#17
There are many online tools that can be used to retrieve the target URL. All you have to do is to copy paste the shortened URL and you will get the original one.
Baofeng justr stated one of them which is redirectdetective.com and here is another one checkshorturl.com
In a summary, I got two potential sites for use:
Code:
redirectdetective.com
checkshorturl.com
Not sure why Baofeng stated the site does not really secure. Did you get opinion of Baofeng?
One thing I don't like about http://redirectdetective[dot]com is that it's not even secure,  Smiley



legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
April 11, 2019, 12:26:44 PM
#16
...
There are many online tools that can be used to retrieve the target URL. All you have to do is to copy paste the shortened URL and you will get the original one.
Baofeng justr stated one of them which is redirectdetective.com and here is another one checkshorturl.com
hero member
Activity: 1680
Merit: 655
April 10, 2019, 01:30:45 PM
#15
For people recommending on hovering on the potential phishing links, this will only work if the url itself is directly linked to the text. But for URL shorteners this trick won't work as they would only show you the url for the shortned website not the website link itself (try hovering on the shortened link posted by whotookmycrypto in the thread). So if you know that you are on a sketchy website or a strange person have given you a URL shortened link then you must be very cautious on looking at the various red flags seen on a phishing website because I myself personally won't even bite and click the link, I would rather search the official website instead in Google just to be safe.

sr. member
Activity: 742
Merit: 395
I am alive but in hibernation.
April 10, 2019, 01:29:08 PM
#14
Please don't click what's below this, I only used this as an example.

Hover to this -> twitter.com. As you can see, the in human's eye is twitter.com but if you click it it will redirect you to another page(facebook.com). So, you need to hover on every file that you are suspecting.


I guess, I know about that but it slipped from my mind.  I was wondering the same after reading OP that how I will check links that are not posted in this forum.

One thing I don't like about http://redirectdetective[dot]com is that it's not even secure,  Smiley




Still it look better option that going directly to the url shortened link.
legendary
Activity: 2576
Merit: 1655
April 10, 2019, 01:15:47 PM
#13
One thing I don't like about http://redirectdetective[dot]com is that it's not even secure,  Smiley


full member
Activity: 504
Merit: 127
Match365> be a part of 150BTC inviting bonus
April 10, 2019, 12:31:51 PM
#12
I just want to add an information to check if the link is a phishing link. One way to avoid that is to hover. When we say hover it is when you put your mouse over a file or a link and you can see the link to that file. Here's an example to it.


You can see the blue arrow, I hovered at bitcoin forum. And the link was showed at the lower left part(where the red arrow is pointing).

Please don't click what's below this, I only used this as an example.

Hover to this -> twitter.com. As you can see, the in human's eye is twitter.com but if you click it it will redirect you to another page(facebook.com). So, you need to hover on every file that you are suspecting.
full member
Activity: 168
Merit: 214
WhoTookMyCrypto.com
April 10, 2019, 11:38:10 AM
#11
Hey, I've been looking for a site like this. Thank you for sharing this site, this is really helpful. Phishers do really use link shortners to hide the real link they are sharing.

They will add some interesting captions and statements relative tovthe topic and at end they'll put that link.

No problem. If someone can point to a browser extension (firefox / chrome) that allows users to hover over a link and receive the eventual website address, do share on this forum. Would send merit your way.  Haven't been able to find a plugin with that functionality, the rest all require copying and pasting of addresses which is a hassle.
full member
Activity: 924
Merit: 221
April 10, 2019, 10:57:48 AM
#10
Well there are many phishing links here, in telegram or from social media being posted just to compromise user's account and they can even do it for some  users are notnjust careful with their account, wallet.or etc. As long they think that it was the right website.

Most users that can do mistake without checking the links are not that techie when it comes to the technical aspect of the system.
full member
Activity: 462
Merit: 155
April 10, 2019, 07:03:40 AM
#9
You shared great tip, DdmrDdmr, I tried hovering over hidden link, and saw what you meant. Thanks.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
April 10, 2019, 07:00:41 AM
#8
<…>
One thing to bear in mind is that you cannot quote a post to see the link if you are not logged-in into the Forum. People seem to often browse without loggin-in (see last charts on [Chart] Bitcointalk statistics on impression counts for ads). Nevertheless, whether you are logged-in or not, you can always hover over the hidden link on the forum, and see the linked URL displayed on the bottom left side of your screen.
hero member
Activity: 3150
Merit: 636
DGbet.fun - Crypto Sportsbook
April 10, 2019, 06:49:25 AM
#7
Scammers also commonly use URL shorteners to mask their links. Examples include bitly and rebrandly.

Example of a shortened link: https://bit.ly/2Vzd1C9

Instead of clicking the link to check out where it leads, throw the link into websites like http://redirectdetective.com.

This is what would appear:
[img ]https://i.imgur.com/3fkNLLl.png[/img]

Hey, I've been looking for a site like this. Thank you for sharing this site, this is really helpful. Phishers do really use link shortners to hide the real link they are sharing.

They will add some interesting captions and statements relative tovthe topic and at end they'll put that link.
full member
Activity: 168
Merit: 214
WhoTookMyCrypto.com
April 10, 2019, 06:44:40 AM
#6
Yeah these things pop up all the time so need to be careful. Another example that appeared a short while ago:

https://bitcointalksearch.org/topic/bitcoin-talk-forum-phishing-website-be-aware-5122733
full member
Activity: 462
Merit: 155
April 10, 2019, 06:38:21 AM
#5
You know what, I just saw this one a seconds ago:
What with bitcointalk .COM, it's a bit misleading.
full member
Activity: 168
Merit: 214
WhoTookMyCrypto.com
April 10, 2019, 06:36:49 AM
#4
Thanks, that is why I say we should click on the quote button to see which links hidden behind, then your steps recommended above are great. To be honest, I did not know about that, before you shared it above.  Grin

Great share mate. We are all learning. Didn't know some of the stuff you mentioned in your post too so thanks for the share.
full member
Activity: 462
Merit: 155
April 10, 2019, 06:27:43 AM
#3
Thanks, that is why I say we should click on the quote button to see which links hidden behind, then your steps recommended above are great. To be honest, I did not know about that, before you shared it above.  Grin
full member
Activity: 168
Merit: 214
WhoTookMyCrypto.com
April 10, 2019, 06:25:02 AM
#2
Scammers also commonly use URL shorteners to mask their links. Examples include bitly and rebrandly.

Example of a shortened link: https://bit.ly/2Vzd1C9

Instead of clicking the link to check out where it leads, throw the link into websites like http://redirectdetective.com.

This is what would appear:

full member
Activity: 462
Merit: 155
April 10, 2019, 06:10:29 AM
#1
The topic aims at newbies, but it might be useful for older users, who spend little time in the forum, to discover, and to learn.
Phising links are one of the most terrible things that make-money-online guys have to face with.
I am not sure, but I guess that there is no stupid phisers will put their phising links directly, instead they tend to hide them inside url link.

I give you an example, in which I presents three ways to post link to the topic you are reading.

1) Hidden link
Steps to check potential phising links

2) Direct link
https://bitcointalksearch.org/topic/steps-to-check-potential-phising-links-5130231
Phisers never post their phising links that way because no one is stupid and lazy too much to fall into their opened traps like this (very limited people will fall into such bad trap).

3) Shortened links
Example:
Code:
https://bit.ly/2Vzd1C9
I posted the link with code because I don't want you to unintentionally click on the link. Please don't click on the link or any link like this.



SOLUTIONS
So, how to check that links are potential phising links or not?
It is very easy, what you have to do is only four steps:

1) Don't hurry too much, don't lazy too much to immediately click on the topic or article links, whichever links hidden via url links.
If you find something interesting with their posts, and have intention to get more information they shared with hidden links, it's good to stop at this step, and move to the second step.

2) Clicking on the quote button to see which are hidden links or shortened links
If you find that the links inside url are familiar, it is safely to move next to read and get information.
If you find that the links inside url are un-familiar, it is better to stop at this, and do next steps.
For example:
If you click on the quote button to quote my OP, you will see hidden link like this:
Code:
[url=https://bitcointalksearch.org/topic/steps-to-check-potential-phising-links-5130231]Steps to check potential phising links[/url]
And, the link is safe, because it leads to official bitcointalk.org forum, right?

Another way to check is hovering on the link, the you will see the link behind.
For example:
1. The image show the link hidden in the topic titles posted by DdmrDdmr, you can see the link in the left corner at the bottom of your browser by hovering your mouse on the topic title. It is easy, isn't it?


2. In the second example, I create a hidden link behind the phrase Bitcointalk Forum, that will lead you to a fake bitcointalk site. Please remember it will lead to a fake bitcointalk site, so please don't log in your bitcointalk account on that site. Your account might be hacked. I don't advertise for fake site here. It's just an example and it is another way to help you know about one of fake bitcointalk sites.
Bitcointalk Forum
If you really click on the link, it will lead you to the fake forum
It will become worse if you click on link that lead you to more dangerous sites, so please don't click on suspicious links.
Instead, one again, please hover your mouse on the suspicious link, then you will see hidden link behind. Like this:

You can see the link will lead you to bitcointalk[dot]com (that is fake/ scam forum).


3) Searching with the potential phising sites/ links with key words including their names + phising links/ phising sites.
Next, if the link you see after quoting or hovering looks risky, strange, you should do more search on those sites' reputation.
Key words should be used are:
- phising
- scam
- fake
- site name/ domain name


Another way is to check suspicious link with tools (I don't know about them well, so appreciate if someone can help).
whotookmycrypto suggested a site to check suspicious links, but someone else said even that site is not safe. So, please decide using it or not with your own interest.

4) Disable phising links found on your computer
After links determined as phising links, you should do the last step.
Another one to be added to your hosts files then.

On Windows, navigate to "C:\Windows\System32\Drivers\etc\", and open the hosts file in a text editor.
On Mac, navigate to "/private/etc/", and open the hosts file in a text editor.
On Linux, open terminal and write "sudo nano /etc/hosts"

Add the following two lines to the bottom of the hosts file:
Code:
0.0.0.0 bitcointalk.to
0.0.0.0 fonstavka.com

Your browser will now be unable to open those two phishing sites.


SHOULD READ:

What with bitcointalk .COM, it's a bit misleading.
[GUIDE] Use this for identifying Scam/Phishing/ Websites & Exchanges in Crypto


Other tips contributed by participants in the topic:
For most famous redirect website, you can just add a "+" (plus symbol) at the end of the URL and you'll go to a page where it shows everything about the redirection link (the final destination, clicks, stats, etc...).

Example:
https://bit.ly/2Vzd1C9+


CONTRIBUTORS
I appreciate to all contributors whom help me to make the topic better.
whotookmycrypto
DdmrDdmr
r1a2y3m4
TryNinja
GreatArkansas
Jump to: