Hi malware fighters,
What are your criteria to see whether a site is a phishing site?
- Is the domain name the name of the real domain? (checkable from via the real sites, place your bank sites in your favorites list or Google-list), if not so, you can assume the site is fraudulent.
- Is there a https-connection (to log on to) for confidential data (financial data, personal data) if not, the site is most likely fraudulent.
- Are they asking for a Credit card number, if so the site is fraudulent.
- Are they asking for a PIN-code (for an ACM=Automated Counting Machine). If so, this site is certainly a fraudulent one.
- Are they asking for your Mum’s maiden-name? If so, no doubt about it: fraudulent. (these questions are never asked under normal conditions, only your personal data.)
- Is the depicted clickable URL (to log-on etc.) an obfuscated hyper link? (set your browser to make the domain name visible in your status bar. Mouse cursor should be held over the link, do not click), if so, this is a bogus site.
- If you get a warning about too many false attempts to compromise your account? If so, assume this site is fraudulent.
- Warning about a suspended account? If so, the site is a false one.
- Wrong lingo, misspellings, and grammatical errors? If so, the site is fraudulent.
- Double click the SSL-certificate pictogramme. Is the certification institute reliable? Is the right domain name inside the certificate, and does that fit with the one in the address bar?
If not so, you may assume the site is fraudulent. If after clicking twice on the SSL-certificates no certidate information found? Again you may assume the site is a fraudulent one,
Apply these rules for a rule of thumb, report fraudulent sites to Netcraft or report the site to PhisTank.
polonus