
Topic: Tips needed in Identifying a fake web Address - page 2. (Read 395 times)

hero member
Activity: 882
Merit: 1873
I will provide further tips to avoid being a target of such scams.

1. Make sure to bookmark the safe versions of websites you visit.  When you know the bookmarked one is the safe one, there are fewer chances of accidentally entering a fake website.  This is also a good change of routine for those who always Google up websites when they need them.  If you have a bookmark it does not only get you quicker to the desired website.  You now also skip having to triple check the website's legitimacy on multiple sources.

2. If you are unsure, make sure you double check for the correct address on multiple sources.  Not sure where is the correct, legitimate link for Electrum?  Check if the one you are on matches the one shown on Bitcoin.org.  Check other threads on Reddit or the official subreddit's description if there is one.  Check the official Telegram group.  Ask on Bitcointalk for the correct link.  Still unsure?  Double-check with another device.  Ideally, on a different device on another network such as mobile data.  Not sure which is the right link for Binance?  Check your e-mail for older deposit or withdrawal e-mails you received.

I strongly believe the only trust you should have is in yourself.  If you check for the legitimate address on multiple sources from different devices and networks, the chances of getting scammed substantially decrease.  Bitcoin.org may be hacked at any time to show a fake Electrum address, but what are the chances Bitcointalk, Reddit, Telegram and all these other websites have been compromised as well?  Do not trust, verify.

-
Regards,
PrivacyG
legendary
Activity: 2758
Merit: 6830
5. Learn what are, and how to identify, domains with punycode: UPDATED!!! Punycode and how to protect yourself from Homograph Phishing attacks?
hero member
Activity: 812
Merit: 560
TIPS NEEDED IN IDENTIFYING A FAKE WEB ADDRESS

The rate of increasing online social media scams is alarming these days. Scammers use a fake address or impersonate a particular web address in order to deceive users into their trap, creating a web address nearly identical to the original one and claiming ownership in order to lure users into their fraudulent acts. I will be talking specifically about the steps and procedures needed in identifying a fake web address in the discussion below.

Verification of web address:
It is very important to know the correct URL of the website you intend to visit and to check whether it is misspelled or altered, e.g. mcdonald.com can be changed to mcd0nald.com. Another method is altering the domain extension, such as mcdonald.com being changed to mcdonald.org.

Verification of the site seal:
This is done to be assured that the site to be visited is authentic and not fake, as the seal tends to reveal information about the site. Any seal that does not display informational content tends to be a fake seal and can be a suspicious sign of a fake web address.



Quote
You should look beyond the lock by clicking on it once to reveal more information. For the highest level of authentication, if you click on the lock it will display “Issued to: [Company Name]” underneath “Certificate (Valid).” Unfortunately, this functionality only currently works on desktop browsers. But whether you’re on a mobile browser or desktop, the principles of looking beyond the lock to verify if a website is secure remain the same.
https://www.digicert.com/blog/how-to-identify-fake-websites

Confirm the Lock sign
This is a sign that guarantees data encryption on the website using TLS. Locks are of three types, namely:
Extended validation lock: this is used for a higher security level by advanced businesses and organizations.
Domain validation lock: this verifies the domain ownership.
Organization validation lock: this authenticates business registration with a regulatory body.

A browser is designed to give a warning sign that the site about to be visited is not secure if the lock sign is missing, but it is also good to note that having the lock sign doesn't guarantee that the site is not fraudulent or cannot be termed a fake site.

Run a check on the web Address
Verifying through a proxy validator, otherwise known as a website checker, is used to verify a site's validity and any vulnerabilities it may have. Other means are checking their privacy policy and their online reviews. Importantly, whenever you come across such a fake web address, "give it a total negligence" by avoiding it.

Punycode Phishing Attack

Punycode is said to be the translation of characters that are symbols, non-alphabetic, or letters of non-English origin so that they appear to be English letters, in order to stage a malicious domain for an attack. Attackers make use of a Cyrillic or homograph character that appears like the exact letter in your address in order to blend in and lure users into their trap. They are mostly aimed at stealing users' passwords and data after gaining access.

An example of a secured web address will indicate this:


Example of a Punycode attack: a good and updated browser will detect the presence of a homograph.


Protection Against Punycode Attack

This Punycode attack can be minimized, and the responsibility lies with the individual:

1. Avoid clicking on phishing mails, links, ads and apps that look suspicious enough to be a malicious attack.

2. Ensure you make use of standard and updated browsers like Safari, Google Chrome and Internet Explorer, while Firefox along with other browsers are not recommendable for use at all, as they tend to have a weaker ability to detect homograph characters effectively unless it has been activated from the browser's settings by the user.

An unsecured browser will display this option:


At the sight of this, it's a warning signal that a malicious Punycode attack has been detected, and such a user is expected to back off and "never continue".

Redirect Detective

This is used to verify addresses that redirect users to something else entirely. Users will want to test or get proof to authenticate the address, and most are found with short and suspicious addresses. They can be verified here: https://redirectdetective.com/ by adding the plus sign (+) at the end of the address.

Link:
https://bitcointalksearch.org/topic/punycode-and-how-to-protect-yourself-from-spoofed-urls-and-fake-websites-5184169
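
The checks discussed in the posts above (bookmarked addresses, misspelled or altered names such as mcd0nald.com, a changed domain extension, and Punycode/homograph labels) can be combined in one small script. This is an added example, not code from any poster in this thread; the `TRUSTED` list, the `LOOKALIKES` table and the function names are assumptions made for illustration.

```python
import unicodedata

# Constructed allowlist standing in for the user's own bookmarks (assumption).
TRUSTED = {"electrum.org", "binance.com", "mcdonald.com"}

# Digit-for-letter swaps of the kind seen in mcd0nald.com (illustrative table).
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def to_unicode(host):
    """Decode xn-- (Punycode) labels so the real characters can be inspected."""
    labels = []
    for label in host.split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except ValueError:  # malformed label: keep it as typed
                pass
        labels.append(label)
    return ".".join(labels)


def check_host(host):
    """Classify a hostname against the bookmarked (trusted) addresses."""
    raw = host.lower().rstrip(".")
    if raw in TRUSTED:  # exact match on what was typed, before any decoding
        return "trusted"
    shown = to_unicode(raw)
    if not shown.isascii():
        # Report the scripts used in every label that has non-ASCII letters.
        found = set()
        for label in shown.split("."):
            if not label.isascii():
                found |= {unicodedata.name(c, "UNKNOWN").split()[0]
                          for c in label if c.isalpha()}
        return "idn:" + "+".join(sorted(found))
    if shown.translate(LOOKALIKES) in TRUSTED:
        return "lookalike"
    name = shown.rsplit(".", 1)[0]
    if any(t.rsplit(".", 1)[0] == name for t in TRUSTED):
        return "tld-swap"
    return "unknown"


if __name__ == "__main__":
    # Constructed samples; the last one starts with Cyrillic U+0435, not Latin "e".
    for h in ["electrum.org", "mcd0nald.com", "mcdonald.org", "\u0435lectrum.org"]:
        print(h.encode("idna").decode("ascii"), "->", check_host(h))
```

A result of `idn:CYRILLIC+LATIN` means a single label mixes two scripts, which is the pattern a homograph domain relies on; `unknown` only means the name is not in the bookmark list, not that it is safe.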