Pages:
Author

Topic: What to do to avoid phishing sites - page 3. (Read 1032 times)

legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
August 01, 2019, 08:17:22 AM
#5
Browsers have bookmark features to do it. Or people can save links of their most visited sites in their own ways (beyond bookmarks) for later use. No one can remember all site addresses.

You're right, however, for some cases (namely electrum) I still advise remembering it (electrum.org), just because one may need it on a fresh PC or a live OS.
But yes, for normal use bookmarking the proper site is also a great approach.

Anything, just don't search for it, because fake sites are often returned in the top of search results, and don't click onto links in e-mails, websites and so on.
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
August 01, 2019, 08:10:06 AM
#4
There are also browser extensions that help you finding out pretty easy if a site is legit or phishing.
However, the best approach is being careful and instead of searching for the websites on the internet, typing directly the correct address will keep you out of troubles.
Browsers have bookmark features to do it. Or people can save links of their most visited sites in their own ways (beyond bookmarks) for later use. No one can remember all site addresses.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
August 01, 2019, 07:49:15 AM
#3
There are also browser extensions that help you finding out pretty easy if a site is legit or phishing.
However, the best approach is being careful and instead of searching for the websites on the internet, typing directly the correct address will keep you out of troubles.
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
August 01, 2019, 03:50:06 AM
#2
Nice post. It would be helpful to bookmark all the sites you visit regularly, and always review any new site before adding it to your list.
Never click on links from unsolicited emails, telegram messages or even PMs here on the forum.
Before clicking on edited links here on BT, hover over the link to view the original HTML or copy and paste the link if you're using a mobile browser.
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
August 01, 2019, 02:55:05 AM
#1
Today, I saw this thread, started by @nakamura12, that reminds me that I read a few topics on the same issues with phishing sites and scammers.
A Reminder To Newbies!

I think it is helpful to generalize some basic strategies of scammers and methods of phishings.
  • Type #1: New domain names with additional prefix or suffix from famous sites' domain names
  • Type #2: Fake domain names with minor difference in unicode (that mostly not discovered by careless people)

Some basic examples for two types of phishing sites:
Type #1:
Code:
http://electrum.org.uk/
http://electrumclient.org/
http://downloadelectrum.org/
http://electrumsite.com/
http://electrumweb.net/
http://electrumupdate.com/
http://electrumproject.org

Type #2:
BitcoinTalk.org is the ONLY domain the forum has.
Exchanges (Poloniex, Bittrex, Binance have phising sites with unicode, but I still not find them for examples; so if you know such topics, please help):
I've just received an email from some scammer which asked me to review Poloniex's new terms of use.

But the link leads to:

https://secure.poloniex.work/


When you know they are phising sites, you should do two things:
Report them to Google
Like this
I check all sites from the list, the result is the following : First and last site from the list are loaded quite normal (no blocking from adblock, av or other security software), and other sites are blocked by my browser (Firefox) as Deceptive site ahead with the following warning :

Quote
electrumclient.org has been reported as a deceptive site. You can report a detection problem or ignore the risk and go to this unsafe site. Learn more about deceptive sites and phishing at www.antiphishing.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org.



Although the idea of blocking such sites in users host file is not bad, for most users it still represents a challenge. What we need to do is report such sites as phishing to Google. In this way such sites will be blocked for every user, even those who are not aware of the problem will be protected.

It is also important to use adblocks for browsers, since most users use search engines to find Electrum site, and bad ones usually pops up at the top of the search list. The last line of defense is antivirus software which should be updated, and good AV will analyze any downloaded file and prevent the user from installing bad software.

Protect your computers by editing your hosts file
Another one to be added to your hosts files then.

On Windows, navigate to "C:\Windows\System32\Drivers\etc\", and open the hosts file in a text editor.
On Mac, navigate to "/private/etc/", and open the hosts file in a text editor.
On Linux, open terminal and write "sudo nano /etc/hosts"

Add the following two lines to the bottom of the hosts file:
Code:
0.0.0.0 bitcointalk.to
0.0.0.0 fonstavka.com

Your browser will now be unable to open those two phishing sites.

There are some of the most active users who keep updating phising sites:
- socks435
- Baofeng
- GreatArkansas
If you are a fan of bitcoin, use Electrum wallet to store your bitcoin, you should be careful with phishing sites that try to clone Electrum site and never stop popping up.

You should follow them to get fastest updates on phishing sites.

Warning!
Remember addresses of important sites are always the best!

Sometimes, links to upgrades provided by official wallets might be abused by attackers, so it will be the best if you remember exact address of sites (to download walelts, ie.)
Thanks @NeuroticFish by reminding me about it
Umm... a few months ago there was a huge problem: a vulnerability in Electrum allowed hackers show a custom message in Electrum, message that was not coming from Electrum developers, message that was showing a link and asking for upgrade. Whoever "upgraded" from there, got a fake Electrum that stole their funds.

I know that you meant something else, the entries from the help menu, but imho that's just a small step away and can lead to too much trust and .. sometimes problems. I think that remembering the address is much safer and not a big effort.
There is announcement of admin: Electrum vulnerability allows arbitrary messages, phishing



IMPORTANT NOTES:
- Don't arbitrarily click on links (using Google to search that link plus keywords 'phishing sites' or 'phishing' to check those links)
- Remember exact links of limited, but extremely important sites.
- Bookmark links of wallets, exchanges, forums (important sites).
- Report phising sites when you find them or know about them by other's warnings
- Using Host-file to deal with phishing sites

Read more:
- Tampering attacks!
- Punnycode attacks
- [LEARN] Phishing Quizzes - Beginners & Experts
- Host-file to deal with phishing sites
Pages:
Jump to: