Get our latest top picks
Subscribe to our Top Picks RSS Feed or enter your email address below to get the feed delivered to you by email:
|
Follow Gizmo |
 |
 |
 |
Register/Login
Top Rated
Gizmo's Freeware is Recruiting
We are looking for people with skills or interest in the following:
- Mobile Platform Reviews
- Rootkit Scanner and Remover
- Streaming Media Recorder
- Email Client
- Archive Manager Interested? Click here
How to Tell If A Website Is Dangerous
These days it can be very difficult to tell if a site is trustworthy or not. Many nefarious sites are being designed to look respectable. Thus you should always make sure that a site is not dangerous by using multiple approaches. This is especially important to consider before providing a site with sensitive information such as credit card numbers, banking information, your email address, etc...
In general you may want to be wary of a site if it asks you for unnecessary personal information, a credit card number, or a bank number when it's not necessary. This could be evidence of them phishing for your sensitive information. In order to better recognize phishing scams, and thus avoid them, please see the examples provided on this page. You should also be wary of sites with offers that seem too good to be true, have very intrusive ads, have multiple popups, tell you that you need to install a plugin to view content, etc... For sites such as these you should definitely consider using the methods described below to make sure that the site is actually safe before proceeding further.
Index
1. How To Investigate A Site Before Visiting It
2. General Approach To Analyzing Sites
A) Check Site With Zulu URL Risk Analyzer and Comodo Web Inspector
B) Check Site With VirusTotal And URLVoid
C) Check Reputation Of Site With Web Of Trust
3. Make Sure SSL Certificate Is Trustworthy Before Making Purchases
4. How To Report Dangerous Sites
1. How To Investigate A Site Before Visiting It
If the source of a link seems phishy, such as if it came in an unrecognized email or it is a suspicious link posted online, I would recommend that you don't click it until you've made sure the site is not dangerous. To copy the link for analysis, without ever visiting the site, you can right click on it and select the option to "Copy link address" (For Chrome), "Copy link location" for Firefox, etc... If this link appears to be a shortened URL, then you must first unshorten the URL before testing it. If you don't do this then your analysis will actually just test the site that shortened it. To unshorten the link you can go to this site and paste the shortened URL into the box. It will then provide you with the actual URL, which you can copy to use for the analysis below.
2. General Approach To Analyzing Sites
A) Check Site With Zulu URL Risk Analyzer and Comodo Web Inspector
The first thing I would advise doing is copying the website's URL and pasting it into Comodo Web Inspector. However, this analysis may take a while as it is running an in-depth real-time analysis of the site to check for any possibly malicious content. Thus, I would advise running Zulu URL Risk Analyzer at the same time. However, once Comodo Web Inspector is done it will present you with its findings. If the site is rated as High Risk it's very likely that the site is dangerous. If it rates it as Suspicious the site is probably dangerous, but you may want to see what the other services mentioned in this article rate the site.
Then also copy the URL into Zulu URL Risk Analyzer. If given the choice choose to reanalyze the site. This also uses multiple methods to analyze the site. After it is done analyzing the site it will present you with an overall risk score of how likely the site is to be dangerous from 0 to 100, with 100 being very dangerous. It will also provide you an interpretation of this in which it will rate the site as Benign, Suspicious, or Malicious. While I have seen it have some false positives on safe sites, in which it rated them as Suspicious, I have never seen it rate a safe site as Malicious. Thus, my advice for using this service is that if it rates the site as Malicious you can be relatively confident that the site is dangerous. However, if it rates it as Benign or Suspicious then you should move on to the following steps to further evaluate the site.
B) Check Site With VirusTotal and URLVoid
To check the site against the databases of many reputation engines and domain blacklists the next thing you should do is copy the website's URL and paste it into VirusTotal. If the site was previously rated you should select the option to Rescan. If the site is already known to be dangerous it will likely be flagged by at least a few services. However, even if they all come up clean it doesn't necessarily mean that the site is trustworthy. Remember what was discussed earlier about how the age of the site comes into play when interpreting these results.
Also copy the website's URL into URLVoid. This service is similar to VirusTotal in that it also checks the site against many blacklists. If presented, choose the option to "Update Report", as this will provide you with the most up-to-date results. Also, near the top it provides you with when the domain was first registered. Although this information by itself tells us very little, in general, if a site is new it may not mean much if it is not flagged as dangerous by any of the above services. It often takes a while for any of the services to locate, and analyze, new dangerous sites. Also, even old sites, which were previously safe, can be hacked and turned into phishing, or malware infested, sites. Thus, just because a site is old, and not flagged as dangerous, does not mean that it is certainly not dangerous.
C) Check Reputation of Site With Web Of Trust
At the bottom of the URLVoid results for the site it also presents you with the WOT ratings. This trust score, by itself, should be helpful for you in judging whether the site is trustworthy. However, clicking on the button in the third column brings up the WOT scorecard for the site, which provides even more information. This information includes people's comments about the site, assuming anyone has left comments. In terms of the comments, it should be noted that the comments of individuals may be biased for many reasons, but by reading through many comments you should be able to get an idea of whether the site is dangerous and the main problems people have with the site, assuming there are a lot of negative comments. This information can also be used to decide whether the site is actually dangerous.
Note that another very useful aspect of using WOT is that nearly all popular sites should already be rated. Thus, if you find yourself on a site which is popular, such as Paypal, Gmail, etc..., but WOT says that the site is unrated, it may be a phishing page.
3. Make Sure SSL Certificate Is Trustworthy Before Making Purchases
Even if none of the above methods indicate that the site is dangerous, before transmitting your sensitive information to the site there are additional issues to be aware of. One of these is to make sure that the page where you fill in your sensitive information, which may include credit card numbers or banking information, is secured with a SSL certificate. If the URL of the page you're on begins with https then an encrypted connection is being used and your information is probably safe, at least assuming that the site is trustworthy. As long as the site is secured then nobody other than you and the people operating the site can view the information you are submitting. I would strongly recommend that you do not transmit sensitive information through any site that is not secured in such a way.
However, there is one subtle danger to be aware of. There are actually many different types of SSL certificates. These provide varying levels of trust. An extended validation certificate will guarantee that the business is legitimate, while many other types are only validated with respect to the domain, but not the owners and operators of the domain. Do note that some phishing sites have been known to purchas low-level validation certificates in order to trick people into believing they are trustworthy. For more information about the differences between these certificates please see this page. I'd strongly recommend reading the information on that site. Only if the certificate itself guarantees that the site is safe, and belongs to a valid business, should you have complete trust in that domain.
4. How To Report Dangerous Sites
If you do find that a site is dangerous I would appreciate it if you could take a few minutes to report the site so that other people will be protected from it. To do this please read this article I've written about How to Report Dangerous Websites.
Please help by rating this article. Also, if you believe this article deserves anything less than 5 stars, please leave a comment below explaining how you think it can be improved or where you find fault. This article is written by me but fueled by the community. Thus your opinions and advice are not only much appreciated, but actually necessary in order for this article to grow and improve.
If you found this article useful then perhaps you'd like to check out some of my others.
How to Clean An Infected Computer
How to Fix a Malware Infected Computer
How to Harden Your Browser Against Malware and Privacy Concerns
How to Install Comodo Firewall
How to Know If Your Computer Is Infected
How to Protect Your Online Privacy
How to Report Dangerous Websites
How to Report Malware or False Positives to Multiple Antivirus Vendors
How to Tell if a File is Malicious
This software category is maintained by volunteer editor Chiron. Registered members can contact the editor with any comments or suggestions they might have by clicking here.
- Article type:
- Login or register to post comments
Printer-friendly version
Comments
WOT is very effective. Any public rating system is open to some form of abuse but WOT is definitely not as open to abuse as you say it is.
Remah
Editor, Best Free Internet Safety Check
I've actually found the comments to be very useful, although that is not always true of the ratings. By reading the comments you should be able to get an idea of what it is that makes people unhappy with the site and also whether there only seems to be one major problem which they all are harping on. Thus if you read the comments carefully you should be able to discern the me-too'ers from the people with a valid complaint.
I'll include a comment about this in my next rewrite.
Thanks.
Regarding WOT, see here for an in depth review:
http://www.techsupportalert.com/content/best-internet-safety-check.htm
I don't know about WOT abuse, but whenever I have ranted a site, a disclaimer states that my rating only applies to my browsing and not public ratings. Maybe this is because WOT is a firefox add-on in my case, but either way, it doesn't seem to be particularly accurate.
It's not clear what you mean. Did you mean that when you rated a site with WOT you also left a comment. Comments have no impact on WOT site ratings.
When I compared WOT with other free Internet safety checks WOT was one of the most accurate at protecting from dangerous sites and the best of the products integrated into the five main browsers. You can see the rankings at
http://www.techsupportalert.com/content/best-internet-safety-check.htm#Q...
None of the products I tested were more than 90% accurate at warning about known bad sites. This is not so much of a problem because most of us have a relatively low risk of exposure to dangerous sites unless we are directed there by search results, ads, "friends" or hijacked sites.
It is also important to remember that WOT does not measure "security", it measures "trust". So what you trust may be different than other raters.
Remah
Editor, Best Free Internet Safety Check
Sorry for being unclear. WOT does provide ratings to the sites I visit. When I rate a site using the "bars" system, it displays my ratings but apparently doesn't save them or apply them to the current rating for the site. When I return to the same site, it lists "my rating" only.
When last I reviewed WOT, it had no redress system in place. In other words, anyone could decry my site, but there was no way for me - as a site owner - to address any complaints. {I don't have a public site, btw, that's just an example.) Any one (1)-way system is going to go downhill in relatively short order. Without some adjudication system, it is, at best, an opinion poll, and at worst, a means to destroy a competitor or rival or just someone you don't like. Maybe that has changed over time, but I'd not give WOT the time of day, much less my traffic or opinions on sites I've visited.
WOT seems to be based upon the concept that {fifty thousand|fifty million|enter your number here} people can't be wrong. If you subscribe to that, you should be perfectly comfortable with WOT ... until you discern the conceptual error for yourself - or get bitten by it. There's a difference between Web of Trust and Web of Tryst.
This is incorrect. Please see these links where this information is freely available.
http://www.mywot.com/en/faq/website/rating-websites#manipulation
http://www.mywot.com/en/faq/website/reputation-problems
I agree with this. This system must slowly decline in value.
I liked your article and found it helpful. As with everything you can't cover every situation that happens. Good article.
A question I have for you is, Once an entity has your name and e-mail how do you back track them to taken it back, or get them to stop using your and email?
"Once an entity has your name and e-mail how do you back track them to taken it back, or get them to stop using your and email?"
There is no way to do that for sure--I've even had legit-seeming unsubscribes have no effect.
If it's a concern, use one of the one-time email services, ie where the address ceases to function a few minutes / hours / days after you use it. Can't find a list of those here on a quick search...
Fyi there are also similar credit card services, ie one-time numbers.
"one of the one-time email services"
Found one:
http://10minutemail.com/10MinuteMail/index.html
I'm not sure what type of entity you are referring to. Do you mean criminals or a legitimate site?
Frankly, I won't shop at any site that does not allow paying through PayPal. This keeps my info out of all sites but one.
That's certainly one way to go. However, I believe that as long as the site is trustworthy other options can also be considered.
Having recently been caught by a dud site the information given would have been invaluable. Fortunately my Bank picked up the dud transaction and saved me further drama. Changed Card and away again being much more vigilant. This will help in the future.
Thank you.
Please let me know if you have any questions.
Good afternoon.
I tried out URLVoid by submitting two sites delivered to me by what I new to be phishing emails. both came back as "Clean".
I will be interested to reae any comments on this.
Actually,
I had a similar "all CLEAN" results experience,
with URLvoid.
It was for the compromised web site:
"code DOT kliu DOT org"
associated with the author
of the "QuickDrag" Firefox extension.
(which used to be good, now contains ads & spyware).
See the most recent extension user comments,
in the MOZILLA extensions web site:
https://addons.mozilla.org/en-US/firefox/addon/quickdrag/
The ext. Author's site
was marked by Google's Safety site
as having had:
"...malware in the last 90 days...". !!!
When I dug deeper into URLvoid's enthusiastic
"all CLEAN" rating,
I saw that one of the entries:
WOT (Web of Trust),
had _not even ranked the URL in question_.
This lack of WOT ranking was (wrongly) interpreted
by URLvoid as..."CLEAN". !?
Fail!
I wish I could, but cannot really trust URLvoid...
sorry.
Thank you for pointing this out.
In my next rewrite I'll explain better that a "Clean" rating for WOT can also just mean that the site isn't yet in its database.
As I mentioned in my article, URLVoid is only one tool to judge a site. I'm always looking for other ways, so if you have any advice please let me know.
Thanks.
The site trekker mentions is popular enough that it has the highest reliability level, 5 out of 5, on WOT. That takes a lot of individual ratings so trekker's experience of the site being unrated may not be that recent. Even so he identifies an important issue with meta-raters like URLVoid, they each have their own reputation rating system which is applied on top of the reputation raters they use.
If you use URLVoid (or similar sites like VirusTotal) you should also be sure to get a virus/malware scan report for the site because you are more likely to pick up any problem that has just appeared on a site. Online scanners are more limited than desktop AVs and more narrowly focused than raters so I wouldn't rely on them exclusively. For more info see the Supplement to Best Free Internet Safety Check.
By the way, VirusTotal was better protection than URLVoid when I tested them last year. Both sites have had significant changes since then so that may no longer be the case.
To clarify about WOT. It will not provide a positive rating until there is "enough supporting evidence". Either enough users, particularly those most trusted, have rated it positively or negatively, or a trusted third-party source rates it negatively. Even when it provides no rating, WOT will often have ratings in its database but not enough for them to give a rating with any confidence.
How can anyone comment without knowing which the sites were?
MidnightCowboy,
you are basically correct but many of these spammed links are from URL-Shortener services.
So only the URL-Shortenere service gets tested and reported upon; and that usually is a "good" web site, right?
I wasn't aware that only the URL-Shortening service got tested.
I'll test this myself and include a comment, and improved methodology, in the next rewrite.
Thanks.
I was not asking for comments on the iffy websites themselves but rather on the fact that URLVoid had labelled them as "clean".
pressiondegonflage,
please consider me previous reply to MidnightCowboy and maybe reconsider your reply?
Yes Eikelein, that is a good point as I suspect that a lot of people would not know the significance of URL shortening and the fact that it very effectively conceals the full and true origin from those who do not yet know how to delve into the guts of things !
Howevever when in doubt about site links I will always check the message properties>details>message source.
I think we are all in agreement on this and I am sure that this sort of exchange will be taken as useful advice rather than criticisms of other people's offerings.
Heck, if I knew it all, I wouldn't bother to read Gizmo so avidly would I ?
Nice talking with you.