+ 16

How can i read phishing or spoofing message?

20th Aug 2018, 2:32 PM
Crystal!!!😎
Crystal!!!😎 - avatar
15 odpowiedzi
+ 16
thank u so mch😇 Rahul Sharma
4th Oct 2018, 12:23 PM
Crystal!!!😎
Crystal!!!😎 - avatar
+ 10
Just A Rather Ridiculously Long Username there are url link or websites with some hidden codes behind it and when you click on it a virtual page appears that looks like your browser called as phishing whose aim is to get your personal info. so i want to ask how can i read that link ? And how can i detect that it contains malacious codes?
20th Aug 2018, 3:00 PM
Crystal!!!😎
Crystal!!!😎 - avatar
+ 7
thanks Sarvesh✔
21st Aug 2018, 11:50 AM
Crystal!!!😎
Crystal!!!😎 - avatar
+ 6
Their are many ways to detect such as:- 1.If you have programming knowledge open source code of page and you will notice that filling data is send to the specific file instead of server. 2.Search for that Page on google and try to match the link of that page with your(phising) page and if their is differences its a trap. 3.Pay attention to the domain for ex: Facebook website is: facebook.com while phising page domain look like: fàcebook.com(notice "a") façebook.com(notice "c") faceBook.com(capital "b")
21st Aug 2018, 9:52 AM
Sarvesh Yadav
Sarvesh Yadav - avatar
+ 5
Please elaborate a bit more so your question is easier to understand.
20th Aug 2018, 2:50 PM
Just A Rather Ridiculously Long Username
+ 4
If you come across a link that looks suspicious, you can just right-click it and select 'Copy link' and paste it somewhere to see the 'hidden code'. If you want to block popups like these altogether, use AdBlock.
20th Aug 2018, 3:10 PM
Just A Rather Ridiculously Long Username
+ 4
Sarvesh✔ You are describing an IDN homograph attack; this was used recently with the fake site adoḅe.com. Writing generally to the thread, browsers have some security measures--like converting to punycode* when URLs are not in your native languages--but they're not perfect. And...unicode still poses security issues for users and programmers off-browser. For example, right-to-left override is amusing...until someone figures out why security people don't like it. Security software can help with character trickery, but in general, an elegant first-strike programming solution to the character mess seems to be missing. * Example: xn--domain.tld Google: Punycode
22nd Aug 2018, 5:41 AM
Kirk Schafer
Kirk Schafer - avatar
+ 3
N00B bro i know i just gave an example big companies don't have this vulnerabilities but in many cases it occur such as MITM Attack or spoofing.thats why i tooked that if you are not satisfied i will change the example😊
21st Aug 2018, 5:56 PM
Sarvesh Yadav
Sarvesh Yadav - avatar
+ 3
Well first depending on whether you wanna verify a text or a URL or an e-mail , your web browser for instance is capable of displaying and verifying security certificates such as SSL which most of the phising techniques generally don't carry, but doesn't guarantee there's no phising(applicable for both URLs & emails) as these can be altered easily, then there are other entities such as point to point or end to end layered encryption, digital signature(s), name resolution by DNS & other specifications which can be viewed through browser or in shells where ARPs are scanned for identifying network elements serving, to verify the authenticity. In general, malicious websites tend to load in background and often go unnoticeable by most of us; can have multiple intentions to affect the victim's systems in many potential ways as we tend to use services unprotectedly making us vulnerable to these, similar to what happens when you open one of those emails which in majority are nothing but a spam.
4th Oct 2018, 11:37 AM
Rahul Sharma
Rahul Sharma - avatar
+ 2
Sarvesh✔ The last example won't work because domains are case insensitive.
21st Aug 2018, 5:37 PM
N00B
+ 2
N00B can you explain your confusion?😕
21st Aug 2018, 5:39 PM
Sarvesh Yadav
Sarvesh Yadav - avatar
+ 2
Kirk Schafer yeah✌
22nd Aug 2018, 5:44 AM
Sarvesh Yadav
Sarvesh Yadav - avatar
+ 1
Sarvesh✔ It doesn't matter if you go to facebook.com or to faceBook.com. You will always get to facebook and not some phishing website unless your security is low. Domains are case insensitive.
21st Aug 2018, 5:49 PM
N00B
+ 1
Talking of SPOOFING, in general calls or texts can easily be spoofed using various tools especially the newer packages and APIs extracted and installed respectively which are even harder to detect by the service providers as the Imitation code at times is harder for tools to decipher but there's a catch, your service provider may not how and where from a text or call is spoofed or originated but it can know the underlying infrastructure following the protocols that are in action and can spot but it can't be auto-blocked in most of cases almost immediate, neither you can know in most of the cases that if you are encountering such an event. I hope that gives some illustration to what you actually wanted to know.
4th Oct 2018, 11:57 AM
Rahul Sharma
Rahul Sharma - avatar
+ 1
You are always welcome 😇 Crystal!!
4th Oct 2018, 12:27 PM
Rahul Sharma
Rahul Sharma - avatar