Pages:
Author

Topic: Tips needed in Identifying a fake web Address (Read 395 times)

hero member
Activity: 2520
Merit: 952
Decent scammers buy https these days Tongue, it doesn't mean much tbh
hero member
Activity: 812
Merit: 560
5. Learn what are, and how to identify, domains with punycode: UPDATED!!! Punycode and how to protect yourself from Homograph Phishing attacks?

  • Check shortened links with https://redirectdetective.com/
  • When you see a shortened link, you can add + at the end of it in order to get information about that link
https://bit.ly/3qi3h0F+

I really appreciate your various contributions on this thread in giving it more meaningful application with your contributions, it has given me more insight and a widen scope to understanding better ways to identifying malicious/fake web address. I've updated some as advised even though it took me while before updating.

And to everyone who has contributed and engaged with some piece of advice in making this topic worthwhile, you're all appreciated.
newbie
Activity: 9
Merit: 0
Uses an algorithm to check if the website with real reviews or a phishing, with fake products
https://www.scamadviser.com/

Reputation checker detect potentially malicious websites
https://www.urlvoid.com/
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
So the lock to the left of the website isn't safe enough?
Yes and no. It is safe from eavesdropers but not safe from the owner of the website and the owner of the website can be a scammer.

The padlock in which the site will be https, the s is a TLS certificate. TLS certificate protects user's data from eavesdropers in a way the data is encrypted between the website and its users in a way nobody can know the data transfered between the user and the website because it is encrypted, nobody will be able to trace or steal the information. Also such encrypted data can not be altered, changed or modified in a way it will not be known. Also this authenticate that you are communicating with the real owner of the site you are visiting (but know that the owner of the site can be legit or a scammer).

So your data is not leaked to eavesdropers, can not be modified and it is secure from the public.

Taking this as an example. You are visiting a reputed site that requires you for payment with your credit card, the site has the padlock and https. If the site is reputed, you can provided your MasterCard details included pin to make payment, like on reputed online stores. But if not having the TLS certificate, do not provide such information because it can be known to other people and be used against you to steal from you, it means the site is not having integrity and should not be used for your own data safety.

But on the other hand, a scammer can have a site with a reputed domain and having the TLS certificate, but having just the intention to scam people, that is why to never trust even sites that have the certificate, you need more research and check if a site is reputed enough. Example is a site that belong to scammers that has the encryption certificate but asking users to input their seed phrase, in this case, the owner of the site will still know the seed phrase (but eavesdropers do not) and the owner of the website will steal your coins.

So we can say the data is safe from the public but the owner of the site can still scam you because it is even the site you are communicating with, so in this case it can lead to scam.
hero member
Activity: 882
Merit: 1873
Crypto Swap Exchange
Don’t confuse the traffic being encrypted between you and the site, and the site being safe. Any site can be deceptive, regardless (and sometimes specially because) of the padlock. We’ve seen hundreds of sites here on this forum that were clearly scam sites, and people trusted them partially due to the presence of the padlock.
If people truly cared, they would need only two clicks to find out what that padlock means.  On my Tor Browser, clicking on it displays the message "You are securely connected to this website".  Securely CONNECTED.  This obviously does not prevent errors like you entering your seed on a website or you downloading executables.

-
Regards,
PrivacyG
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
So the lock to the left of the website isn't safe enough?

No …:

1. Don't visit website with http link which is not a secured connection, a secured one should be in https format. <…>
That’s really an often stated misconception. The "s" (secure) part will imply that the data you transmit to and from the site will be encrypted, but it does nothing else but give a false sense of security when it comes to the likeliness of dealing with a site that can provide malware through some kind of download, or else other malware or intent in wrongdoing. An SSL certificate is pretty cheap to obtain, and there are multiple scam, phishing, you name it type sites that resort to it, simply because of the wrong sense of security it bears.

Don’t confuse the traffic being encrypted between you and the site, and the site being safe. Any site can be deceptive, regardless (and sometimes specially because) of the padlock. We’ve seen hundreds of sites here on this forum that were clearly scam sites, and people trusted them partially due to the presence of the padlock.
full member
Activity: 1750
Merit: 186
So the lock to the left of the website isn't safe enough?


hero member
Activity: 882
Merit: 1873
Crypto Swap Exchange
It's not really a trick but rather a feature provided by some URL shorteners to let visitors view the real link they will be redirected to so they can decide whether to open it or not.
But you are right, it's safe because even if the URL shortener doesn't support this safety feature, the (+) symbol at the end of the link will make it invalid and in most cases you will be redirected to 404 not found page.
May sound like it is safe, but it is not.  Not to me anyway.

A scammer who knows about this 'trick' could benefit off it.  I do not have much experience with website domains and all of this but I think my idea is plausible.  Create a website that looks like a link shortening service and create a redirection from a link on your website, say block.ly/tEsT01 to a malicious website.  Then create the same redirection for block.ly/tEsT01+ so that it is not invalid nor is it a safety feature but both redirect instead to the malicious link.

Even if it sounds like a safety feature, it is like saying adding a + after a malicious website helps avoid whatever it is doing.  Before you know, you are on the website you tried NOT to visit.  No way I am going to paste that link in my web browser's address bar!

-
Regards,
PrivacyG
legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
You can safely hit enter on such a url because the browser will not redirect you to the destination (unshortened) url, but you will get additional information about the shortened link.

This trick also works with some other URL shorteners, for example tinyurl.com.
It's not really a trick but rather a feature provided by some URL shorteners to let visitors view the real link they will be redirected to so they can decide whether to open it or not.
But you are right, it's safe because even if the URL shortener doesn't support this safety feature, the (+) symbol at the end of the link will make it invalid and in most cases you will be redirected to 404 not found page.
full member
Activity: 155
Merit: 102
Checking the padlock and HTTPS certificates are the very preliminary steps one should take before entering some really sensitive info on a websites, specially because certificates can be often faked and easily purchased. They hold little meaning, but this step can be used to weed out small-scale scams.

Some URLs contain non-ASCII Unicode characters that look very alike ASCII English alphabet letters, so it's not possible to distinguish by the human eye, and for that, as mentioned above, Punycoder is a very useful tool.
Also surprisingly common, check for typos in URLs, very subtle typos are common in fake URLs. Another way to avoid them is by bookmarking links or maybe remembering the web-addresses of certain websites like the netbanking login for your bank, because searching them up on Google and clicking a result may result in you clicking one of those spam sponsored ads, which might be malicious and take you to a similar looking website.

Beware of just clicking any links in an email before checking the full address of the sender, phishing scams are very common via email. Cryptocurrency frauds are very common via way of phishing scams through email. This website provides a pretty in depth guide on how to avoid and look out for such scams: Basic guidelines to spotting a phishing scam

hero member
Activity: 1456
Merit: 940
🇺🇦 Glory to Ukraine!
  • When you see a shortened link, you can add + at the end of it in order to get information about that link
How does this work?  Is it a trick I do not get, or is it just for bitly?  I tried adding a '+' at the end of bitcointalk's URL and it just loaded up, nothing more.  Would not do the '+' trick simply because I would not trust pushing the Enter button on a link I do not trust anyway.

You can safely hit enter on such a url because the browser will not redirect you to the destination (unshortened) url, but you will get additional information about the shortened link.

This trick also works with some other URL shorteners, for example tinyurl.com.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
How does this work?  Is it a trick I do not get, or is it just for bitly?  I tried adding a '+' at the end of bitcointalk's URL and it just loaded up, nothing more.  Would not do the '+' trick simply because I would not trust pushing the Enter button on a link I do not trust anyway.
It's applied for shortened links such as bitly links. Adding "+" at the end of URL link and you or anyone click on that link will be directed to a page with full details about the link.

Let's try to click on the link in my previous post that is a shortened one of this topic link.  Cheesy
hero member
Activity: 882
Merit: 1873
Crypto Swap Exchange
This also works with some services offering website screenshotting.  Helps if you want to check what the page looks like before actually entering it.  You just put the link, wait for the image and verify the website's screenshot.

  • When you see a shortened link, you can add + at the end of it in order to get information about that link
How does this work?  Is it a trick I do not get, or is it just for bitly?  I tried adding a '+' at the end of bitcointalk's URL and it just loaded up, nothing more.  Would not do the '+' trick simply because I would not trust pushing the Enter button on a link I do not trust anyway.

-
Regards,
PrivacyG
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
  • Check shortened links with https://redirectdetective.com/
  • When you see a shortened link, you can add + at the end of it in order to get information about that link
https://bit.ly/3qi3h0F+
legendary
Activity: 2338
Merit: 1084
zknodes.org
There is a "URL history" feature which actually reduces the bookmarking function and almost all browser apps support it. Tbh, I don't save too many bookmarks for a long time on my mobile.
In phishing attacks that are commonly spread on emails and social media PMs, scammers often add subpage urls of the site in such a way (eg to promo pages) that it can be a point of attention rather than checking the domain first.
Avoiding to click on Emails sent by unknown people or foreign emails will save us from the phishing trap. Their messages will usually only go to SPAM and it can be confirmed that messages that come in SPAM will not be safe. I never even open a SPAM message, delete it and get rid of it so it's not read or clicked.
I'm still using the bookmarking system and it could be more effective, but still need to be careful on the domain url so it will be more secure.
The important thing is not to enter a private key if you find a website like that.
legendary
Activity: 2324
Merit: 1604
hmph..
Verifying the website address/url is the most appropriate thing to do, because a single error caused by a typo can compromise your account information. One should pay attention to this when trying to login to an account, contains important information and there is a money balance in it.

As for the signs of the lock, it does not guarantee the authenticity and security of the website. because, lately, a lot of phishing webs have activated their SSL to trick users. maybe this article can be one of the reason to makes all of us not too depends to pad lock sign on the web. https://www.ipswitch.com/blog/https-and-a-padlock-does-not-mean-a-website-is-secure
hero member
Activity: 2212
Merit: 670
Signature designer - start @$10 - PM me!

To build on this, it's better to visit all critical websites via your browser's bookmarks or by typing the complete url address into the address bar, rather than searching on search engines. Not only is this more secure, this method is also generally faster.

Alternatively, you can visit the majority of your critical sites via the Google Chrome bookmarklet (launcher). Click the 'save' button to create a new bookmark on your desktop that opens the destination web page.


There is a "URL history" feature which actually reduces the bookmarking function and almost all browser apps support it. Tbh, I don't save too many bookmarks for a long time on my mobile.
In phishing attacks that are commonly spread on emails and social media PMs, scammers often add subpage urls of the site in such a way (eg to promo pages) that it can be a point of attention rather than checking the domain first.
hero member
Activity: 1456
Merit: 940
🇺🇦 Glory to Ukraine!
Therefore it is always a good practice to check the URL and always remember the correct URL address. Always avoid clicking text advertisements on Google as scammers use Google ads a lot and the same applies to social media ads.

To build on this, it's better to visit all critical websites via your browser's bookmarks or by typing the complete url address into the address bar, rather than searching on search engines. Not only is this more secure, this method is also generally faster.

Alternatively, you can visit the majority of your critical sites via the Google Chrome bookmarklet (launcher). Click the 'save' button to create a new bookmark on your desktop that opens the destination web page.
hero member
Activity: 2156
Merit: 803
Top Crypto Casino
5. Learn what are, and how to identify, domains with punycode: UPDATED!!! Punycode and how to protect yourself from Homograph Phishing attacks?

The extension only works with the desktop browser but not with the mobile browser. I do not think there is an app that is currently available that detects such kind of threat on a mobile device browser. Kiwi is the only browser that allows extension on an android mobile device but there is no guarantee that the extension will work. The other way is to first check the URL using the Gluee tools and then visit the website, which I am sure most of us will forget.

Therefore it is always a good practice to check the URL and always remember the correct URL address. Always avoid clicking text advertisements on Google as scammers use Google ads a lot and the same applies to social media ads.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
There can be fake site similar to an original site while the fake site belongs to scammers, but we should still know that a site can be authentically belong to a scammer (that is, the fake site can be originally owned by a scammer), this is very common, for a site to have his own domain but belonging to scammers. To know such site belong to a scammer which is all that matters, you should know from what the site is offering which may look like Ponzi scheme and other forms of high yield investment program, you can as well check the domain name through sites like whois.com which their registration may likely be new. Most people that visit the fake sites that look like original sites are mostly clicking on google link ads or ads generally which direct them to a fake website, visiting the right site directly is better and also avoiding clicking on ads and link ads
Pages:
Jump to: