Tuesday, November 22, 2016

How to Tell If A Website Is Dangerous

How to Tell If A Website Is Dangerous

Nowadays, it's not easy to tell whether a site is safe to visit or not. Many dodgy and dangerous websites are being designed to look respectable. Therefore, you should always make sure that the page is safe before visiting – there are multiple ways you can do this. It's especially important to check out the safety of the website before providing sensitive information such as your credit card numbers, banking information, you email address and so on. 

In general, you should be wary of a site which asks you for unnecessary personal information or a credit card or bank number. This is usually strong evidence that the site is trying to steal your personal and sensitive information. Furthermore, you should also be wary of sites which offer something too good to be true, has intrusive adverts, multiple popups, or tells you that to install a plugin to view their content.

For such sites, you should definitely consider using the methods below to determine whether the site is safe to be visiting.
How to Investigate a Site before Visiting
Computer - Guide - Safety
If the source of a link seems suspicious, for instance if it came to you in an unrecognized email, we would recommend that you don’t click on it until you are 100% certain that the site is safe. To copy the link for analysis, without having to visit the site, you can just right click on it and select “copy link address”. However, if the link appears as a shortened URL, you must first unshorten it before testing – if you don’t do this then the analysis will actually just test the safety of the site that shortened it.

To unshorten the link all you have to do is visit this site and paste your shortened URL into the box. This will provide you with the actual URL, which you can then copy and paste into the sites below.
General Approach to Analyzing Sites
1. Check Site Using Zulu URL Risk analyzer and Comodo Web Inspector
Computer - Guide - Safety
The first thing we would suggest doing is copying the website’s full URL into Comodo Web Inspector. However, this analysis can take a while, as it does an in-depth real-time analysis of the site in question to check for malicious software. Once it has finished analyzing the site it will present you with its findings. If the website is rated High Risk, it’s very likely that the site is dangerous. If it is rated as Suspicious, the site is probably dangerous.
If you want a second opinion, copy the URL into Zulu URL Risk Analyzer. After it has finished analyzing your URL, it will provide you with an overall risk score of how dangerous the site is – the score ranges from 0-100, with a score of 100 being very dangerous. While we have seen it rate a safe site as Suspicious, we have never seen it rate a safe site as malicious. Therefore, if it rates a site as malicious you can be pretty sure that the website is dangerous.
2. Check Site Using VirusTotal and URLVoid
To check the site against an extensive database of known dangerous websites you should paste the website’s URL into VirusTotal. If the site was rated a while ago you should select the option to rescan as new dangers could have been added to the site since it was last scanned.

Also, copy the URL into URLVoid. This is a similar site to VirusTotal since it also checks the site against an extensive blacklist. If presented, select the option “Update Report”, as this will provide you with the most recent results.  
3. Check Reputation of site Using Web of Trust (WOT)
Computer - Guide - Safety
Underneath the URLVoid results you will find a Safety Scan Report. At the top of this report there should be MyWOT. Click on “view more details” and you will be taken to a page which gives the website a trustworthiness score out of 100 – the higher the number the more trustworthy the site. This trustworthiness score is helpful when trying to decide whether the site is dangerous or not. You can also read other people’s comments to see whether they have anything negative to say about the site.

Another very useful aspect of WOT is that most popular sites should already have been rated. Therefore, if you find yourself on a popular site such as Paypal, Gmail, Facebook and so on, but WOT says that the site is yet to be rated, it may be that you’re on a phishing page.

No comments: