Is this a fraudulent site?

polonus · 2007-07-17T19:44:38.000Z

Hi malware fighters,

What are your criteria to see whether a site is a phishing site?

Is the domain name the name of the real domain? (checkable from via the real sites, place your bank sites in your favorites list or Google-list), if not so, you can assume the site is fraudulent.
Is there a https-connection (to log on to) for confidential data (financial data, personal data) if not, the site is most likely fraudulent.
Are they asking for a Credit card number, if so the site is fraudulent.
Are they asking for a PIN-code (for an ACM=Automated Counting Machine). If so, this site is certainly a fraudulent one.
Are they asking for your Mum’s maiden-name? If so, no doubt about it: fraudulent. (these questions are never asked under normal conditions, only your personal data.)
Is the depicted clickable URL (to log-on etc.) an obfuscated hyper link? (set your browser to make the domain name visible in your status bar. Mouse cursor should be held over the link, do not click), if so, this is a bogus site.
If you get a warning about too many false attempts to compromise your account? If so, assume this site is fraudulent.
Warning about a suspended account? If so, the site is a false one.
Wrong lingo, misspellings, and grammatical errors? If so, the site is fraudulent.
Double click the SSL-certificate pictogramme. Is the certification institute reliable? Is the right domain name inside the certificate, and does that fit with the one in the address bar?
If not so, you may assume the site is fraudulent. If after clicking twice on the SSL-certificates no certidate information found? Again you may assume the site is a fraudulent one,

Apply these rules for a rule of thumb, report fraudulent sites to Netcraft or report the site to PhisTank.

polonus

system · 2007-07-17T19:51:03.000Z

Apply these rules for a rule of thumb, report fraudulent sites to Netcraft or report the site to PhisTank.

don't use...how about siteadvisor and finjan and WOT and also running openDNS http://www.opendns.com/ -isn't that safe enough ??? 8) ;) http://www.opendns.com/start/features/#safer Phishing Protection: OpenDNS can identify and stop sites trying to phish (steal) your personal information or money.The OpenDNS phishing protection works with all operating systems and browsers, complementing any other security measures already in use.

http://i14.tinypic.com/66uip3b.gif

polonus · 2007-07-17T20:01:25.000Z

Hi drhayden1,

Of course that is safe enough. I have siteadvisor, not such a WOTty type, but I think the Netcraft toolbar is the only tool bar I would allow for this purposes into a browser, because it is soooo good. I tried it out with all sort of obfuscated URL’s and cross domain embedded ones, and it always alerted for exploits if there were any. It has been proven it’s ground, that’s why I allow it there. No doubt about that. But if you do not allow third party extensions, because of the recent abuse (Greasemonkey’s is a good recent example) that is your decision, and I cannot argue one iota against it.
Anyways I gave the rule of thumbs here, because under all circumstances we must continue to base our decisions on our own intellect also, and not merely rely on siteadvisor’s and finjan’s etc. The moment we got a new one in the line of possible fraudulent sites I described, no finjan or siteadvisor gonna help us, we have to report this one first.

Announcements