How-to: Detect Phishing Sites

Phishing By Stomchak CC-BY-SA-3.0The Internet: greatest achievement of the information age or a paradise for scammers, con-men, thieves and ne’er do wells?

The answer is both. Every kind of human progress has suffered exploitation by a criminal minority preying on the law-abiding majority. The Internet is no different. It’s trans-national nature, crossing national legal jurisdictions makes it a veritable Wild West for those seeking profit by underhand means.

The virtual reality of the Web has made some of these activities easier than in the real world. Just about any web-site you site may be a con; the largest sites especially – Facebook, Twitter, Gmail, Dropbox, Paypal, eBay, bank portals, and so on have twins that are actually phish.

Phish or Foul?
A “phish” is a scam website that counterfeits a reputable, trusted site with the aim of stealing your account information – phishing. Some sites are easy to spot as phish, others are so accomplished as to be almost indistinguishable from the real thing.

Apply proper scrutiny, however, and you will soon learn to avoid falling victim to phishing.

Use a Custom DNS Service
The Domain Name System protocol translates web-site addresses given as URL’s – say – into the actual IP address of the web server on which the site resides.URL’s are entirely arbitrary and IP addresses are transient, so every time you enter an address into your web-browser, you need a DNS resolution service direct you to the correct IP address. All Internet Service Providers have this as a basic service.

Some custom and independent DNS companies go further than name resolution, filtering site requests based on reported malware content and previous phishing attacks. The most popular remains OpenDNS. Changing your DNS service takes just a few minutes with no downloads or additional software to install.

Use Your Browser’s Phishing List
All the current web-browsers maintain phishing lists; the browsers check the site URL and IP addresses requested against a black-list. Firefox, for example, throws a red screen with a warning whenever you hit a suspected phishing site on its black-list.

Use Third-Party Sites To Check Suspect Links
Rather than click on a suspect a link, copy and check it on a third party security site, such as McAfee’s SiteAdvisor, Norton WebSafe, Phishtank and others.

These can tell you whether there’s something bad about these sites, including malware and phishing. Where can you find all these wonderful sites that do this for you? Try checking out one of our articles on the subject.

Be Alert (the Web needs Lerts!)
Your own general observation skills will save you from a lot of the con artists without recourse to other tools. For example:

Does the suspect site use a secure connection? Look for the green indicator in the address bar (IE) and the https prefix in the URL. Don’t enter personal information and account details into any unsecured connection.

Check the domain of the URL. The reputable sites own their own top level domains: PayPal is, American Express is A domain the wrong suffix or with extra suffixes is a dead giveaway that something’s wrong; here is a real examples; Seriously, if you see something like that, ‘don’t go there…’ If you bounce through any strange, unrelated re-directs en route, (, also a real example) be suspicious. The URL’s of sub-pages within the real domain should be okay, so anything beginning to any length or depth of /’s should be within the legitimate site.

Look at the site itself. You can compare the landing page of the URL you arrive at with the home page of the parent organisation by opening it in a new browser window or tab; if the two don’t look alike, it may be a scam site. Sometimes subtle differences in colours, fonts, liveries and logos are enough to give them away.

Finally, spread the word. Family and friends may have heard about phishing attacks, may have received unsolicited emails purporting to be from banks and such, but may not know how to spot a phishing site. Pass on this advice and get them thinking. Vigilance is the first step to winning the battle. AJS

Image: Phishing By Stomchak CC-BY-SA-3.0 or GFDL, via Wikimedia Commons

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s