Tool For Catch Phishing | Bitcointalksearch.org

UserU

hero member

Activity: 2016

Merit: 531

FREE passive income eBook @ tinyurl.com/PIA10

Quote from: DdmrDdmr on March 26, 2020, 05:40:19 AM

I’ve been looking for this site on and off for a couple of days recently. I’d thought I’d find it quickly, remembering the existence of this thread, but looking over my merited posts is rather futile to find posts. I’ve now resorted to bookmarking it, as it is a nice tool that goes a long way to show just how easy it is to make a type mismatch and end up on some spooky site.

True dat. If we're lucky, Chrome might give us a heads up but it's pretty much a cat-and-mouse game between the good and bad hackers.

DdmrDdmr

legendary

Activity: 2240

Merit: 10532

There are lies, damned lies and statistics. MTwain

I’ve been looking for this site on and off for a couple of days recently. I’d thought I’d find it quickly, remembering the existence of this thread, but looking over my merited posts is rather futile to find posts. I’ve now resorted to bookmarking it, as it is a nice tool that goes a long way to show just how easy it is to make a type mismatch and end up on some spooky site.

Chikito

legendary

Activity: 2352

Merit: 2049

I am suggesting for owner website to subscribe dnstwister, when someone already made similarly will notify by email

GreatArkansas

legendary

Activity: 2282

Merit: 1344

Buy/Sell crypto at BestChange

Quote from: Chikito on December 15, 2019, 09:04:54 AM

(....)
Happy hunting and don't forget to report https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en

Additional sites for reporting some phishing websites or scam website is this: https://cryptoscamdb.org/report (new) or this: https://etherscamdb.info/report (old)
These websites has also list of some identified phishing or scams about cryptocurrency websites.
I also using these websites after reporting it to the google's safebrowsing website.

Chikito

legendary

Activity: 2352

Merit: 2049

Quote from: BitMaxz on January 10, 2020, 03:18:16 PM

I don't think if it's fine to post this tool here what do you think?

I am good.
No problem to me when remove this tool purpose to avoid scammer using it. I am posted because of helping phishing hunter to find and reporting malicious site.

BitMaxz

legendary

Activity: 3206

Merit: 2904

Block halving is coming.

This tool dnstwister.report is interesting it can also find the Punycode domains which are available and not yet registered to any domain provider.

I don't think if it is good to put this tool here because they can use that tool to make a fake/phishing website(it means it also helps scammers to find Punycode domain)

Take a look at this one as a sample that I found from that tool

Code:

https://xn--bitcointal-2wb.org

If you enter that domain to chrome and firefox browser the result will be bitcointalķ.org no difference to the original website (orig:bitcointalk.org) the only thing you will notice is the letter k if you check the URL carefully. And the Punycode domain is very cheap to register to any domain provider.

I don't think if it's fine to post this tool here what do you think?

nakamura12

hero member

Activity: 2254

Merit: 669

Bitcoin Casino Est. 2013

Quote from: FeiYun2112 on January 10, 2020, 08:09:29 AM

The way newbie users get alerted about phishing web site also important. If software browser like Firefox or anti virus software alert users when they visit phishing web site, then it will save a lot of users from scam.

That would be good but some alerts from anti virus software is not accurate all the time. Sometimes the alerts are not what the software says. I suggest you use the provided tips and tools to use catching phishing sites to avoid getting phished without you knowing that your info are already taken.

FeiYun2112

newbie

Activity: 11

Merit: 0

The way newbie users get alerted about phishing web site also important. If software browser like Firefox or anti virus software alert users when they visit phishing web site, then it will save a lot of users from scam.

Chikito

legendary

Activity: 2352

Merit: 2049

Quote from: Chikito on December 15, 2019, 08:08:22 PM

https://github.com/x0rz/phishing_catcher

Guide to using phishing_catcher on Linux/ubuntu terminal

Requirement:

- Python2 or Python3

Code:

git clone https://github.com/x0rz/phishing_catcher.git

↩

Code:

cd phishing_catcher

↩

Code:

pip install -r requirements.txt

↩
Running catcher

Code:

./catch_phishing.py

↩

I got a lot Suspicious link. Let's try your self, dwyor

tbct_mt2

hero member

Activity: 2254

Merit: 831

Welcome to my collection, DroomieChikito. You did a great guide.

Quote from: tbct_mt2 on March 28, 2019, 02:17:33 AM

Tool For Catch Phishing, DroomieChikito

Chikito

legendary

Activity: 2352

Merit: 2049

Quote from: sujonali1819 on December 15, 2019, 09:45:41 AM

Good job man. I have been searching this type tools for long time. And today I have found something which maybe help me. And I have tried the first one. It looks good and cool.

Np, when you have good knowledge, you can run code by looking for suspicious TLS certificate issuances

https://github.com/x0rz/phishing_catcher

Phishing catcher using Certstream.
CertStream is getting data from the Certificate Transparency Log (CTL) to monitor for suspicious keywords.
https://blog.0day.rocks/catching-phishing-using-certstream-97177f0d499a

Tool for monitoring similar web are goods for exchange and wallet developer to avoid phishing.

Quote from: GreatArkansas on December 15, 2019, 06:46:24 PM

report some phishing sites or scam/fake : https://etherscamdb.info/.

What do when we report it?, I see website like:

Code:

https://siawallet.io/
http://ethcharity.net/

Those are Still active. We have to report it to https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en first then https://etherscamdb.info before someone confuse to clicking the link on table.

GreatArkansas

legendary

Activity: 2282

Merit: 1344

Buy/Sell crypto at BestChange

Quote from: Chikito on December 15, 2019, 09:04:54 AM

Every day we fund the phishing website always burning and try to scam people. I did a lot of catch of them and reported on safe browsing google
(...)

Great, I'm a little bit surprised coz this kind of website exist, thank to you.
Btw, here's another website where we can report some phishing sites or scam/fake : https://etherscamdb.info/.
It's also about crypto where you can see some list of scam sites like phishing sites.
BUT, the best report we can do is to report on their particular registrar, it is much better to be take down immediately, emailing them will do, just provide the link of suspected scam/phishing website.

sujonali1819

legendary

Activity: 2436

Merit: 1189

Need Campaign Manager?PM on telegram @sujonali1819

Good job man. I have been searching this type tools since long time. And today I have found something which maybe help me. And I have tried the first one. It looks good and cool.

Chikito

legendary

Activity: 2352

Merit: 2049

Every day we fund the phishing website always burning and try to scam people. I did a lot of catch of them and reported on safe browsing google

What tool to find it?

https://dnstwister.report/

dnstwister is a good tool to find a similar domain and find potential phishing. We can subscribe and alert us when someone makes the same domain.
For example, I put localbitcoins.com on the following box

https://dnstwister.report/search?ed=6c6f63616c626974636f696e732e636f6d

Well, we can see 438 domains similar to localbitcoins.com and 242 domains resolved to an IP address.
Not at all online and Phishing, maybe was reported and when checking it one by one some people still selling similar domain and other one make referal into localbitcoins.

Another one to check phishing site is https://www.phishtank.com/

and sometimes I use https://www.virustotal.com/gui/home/search [insert IP address on box to find relation domain]

Happy hunting and don't forget to report https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en

Topic: Tool For Catch Phishing (Read 403 times)