You are viewing a single comment's thread from:

RE: Warning about phishing links

in #scam3 years ago

Very interesting find. Very sneaky form of attack. Scary thing is it is so easy to register a domain name and even SSL certificate these days. Also scary because anyone can pretty much run a frontend for condenser, but it is hard to know if the site is trustworthy or not. Thanks for the article, I find this kind of thing super interesting. Will be following you.

Some of the guys that do phising like do make use of url shorteners to hide the actual link. Or from what I could tell in your post they used steem markup to disguise the actual link. In the case where the use a url shortnerer for example tinyurl then you can actually check what the link redirects to by making use of curl. You can do it like this:

$ curl -I https://tinyurl.com/2fcpre6

See the output. The actual url it redirects to is in the "Location" section in the response.

This link for example was a tinyurl link for the video:"Rick Astley - Never Gonna Give You Up". Haha I got you!

Anyways tinyurl has a feature where you can take any link shortened by tinyurl and preview it by prefixing tinyurl with "preview" like this: https://preview.tinyurl.com/2fcpre6.
Just take in mind that tinyurl is one of many sites that people could use to shorten a url. Twitter even have their own site that they use to shorten any links posted on twitter. My curl trick should work on almost any url shortener, but if you aren't that technical I would suggest that you try:
http://www.checkshorturl.com/ which you can use to check shortened urls. For example I did a check for this url that was shortened by twitter's url shortening service: https://t.co/LGaAniJH32

Something you can also do if you aren't sure if a frontend/site other than steemit.com is legit or not is to use security related reputation checking site to check what other people have to say about the site. Here is a list of sites you can use to check if the site is flagged as malicious by other users or not:
https://www.threatcrowd.org
https://www.virustotal.com/ (It has a feature to check a url and there is a very handy comments section)
https://www.phishtank.com/
(Btw I check sleemit.com and its not mentioned on any of these sites yet , unfortunately).

Sort: