How to tell whether a website is a phishing website?

For some time, fake websites and Trojan viruses frequently steal the passwords and funds of cardholders' bank cards. According to relevant sources, it is not difficult to see through these fake websites.

Teacher Liu from the Information Engineering Department of Liaoning University of Science and Technology said that criminals are not smart. They usually pretend to be emails sent by well-known companies (especially banks), tricking unsuspecting users into connecting to fake websites and asking them to enter confidential information such as user names, passwords or bank accounts.

Phishing tricks are nothing more than the following:

URL spoofing is the most common.

Teacher Liu said that website spoofing is the most common form of phishing, that is, constructing a false website address through certain technical means gives users the illusion that they are on the right website. At present, there are three common ways to construct fake URL.

1, display text and link address are different.

Example: Baidu

The function of the above code is to let users see the "Baidu" displayed in the webpage or email, which is actually a link to the Google website. It is relatively simple to identify this kind of deception. Just move the mouse over the link and you can see the actual link address in the status bar.

2. Insert two URLs and a table in the href tag of HTML.

For example: Google

This kind of deception is difficult to identify. The URL you see on the web page is Google. Even if you move the mouse to the link, it still looks like a link to www.google.com's website on the status bar, but once you click the link, you will find that you are linked to Baidu's website.

Users should always pay attention to the changes of the address bar when surfing the Internet. Once they find that the domain name on the address bar has changed, they should be vigilant. Only in this way can they effectively avoid being caught.

3. Using IE's grammatical errors

Example: Baidu

In many unpatched computers, if the URL address is written as "","easyabc.95599.cn", "www.abc95599.com" and "www.e95599.com". There is only one word difference between www.95569.cn (the website has been closed) and www.95599.cn, but they are worlds apart.

2. Page-based content cloning

Using the LOGO, charts, news content and links of the regular website on the fake website, the only difference is to enter the location of the account. Once a user logs on to a website, it is difficult to tell which website is a regular website and which is a fake website through common sense.

Take precautions to avoid being fooled.

In fact, the best way of self-protection does not need too much technology, and it can be prevented from the aspects of link source and use occasion.

1, link source

1) For the short message sent by the bank, carefully check the source of the short message. If the account number is involved, call the bank to confirm it.

2) Ignore the email asking you to re-enter your account information, or you will stop your credit card account.

3) Don't reply or click on the link in the email. If you want to verify the information in the email, you can contact by phone.

4) If you want to visit a company's website, visit it directly with a browser. Before entering the website, you need to confirm the source of the website. It is not advisable to click on links in emails and instant messaging tools such as QQ and MSN.

5) If a website contains the "@" symbol, you should realize that it is totally unnecessary for ordinary websites to use the "@" symbol, so don't use this website.

2, the safe use of online banking skills

A simple method can help you use online banking safely. Take the website of China Industrial and Commercial Bank as an example to introduce it.

When you enter online banking, don't rush to enter information when you see the input box. At this time, check whether IE enables the encrypted link (see if there is a small lock icon) and check whether the certificate is valid (double-click the small lock icon to open the "Certificate" interface to check its validity period). It is best to check whether the certificate matches the address of the address bar (select "Certificate Path" in the "Certificate" interface and check "Certificate Path"). If one of them doesn't match, be careful.