June 15, 2022

What are phishing sites, why are they dangerous and where to complain about them?

By Azlyrics

The Ministry of Digital Affairs is launching a new monitoring system “Antiphishing”, which automatically detects phishing sites, the ministry announced this.

What is phishing and phishing sites?

Phishing — this is a type of Internet scam, through which attackers gain access to confidential user data (login, password, bank card data), as well as offer malicious software for download, sell non-existent services, and so on.

Phishing sites — these are fake websites of government agencies, banks, popular social networks, marketplaces and other companies. They look like the originals, but they have the wrong domain name. For example, instead of “online.sberbank.ru” it says «onllinesberbank.ru».

As a rule, scammers lure users to phishing sites via SMS or email, suggesting that they urgently follow the link, under some pretext.

What is the essence of the new system for monitoring phishing sites ?

As explained in the Ministry of Digital Development, the new monitoring system for phishing sites automatically detects, collects, processes, organizes and stores information about sites that masquerade as official resources.

Anti-phishing information system; allows you to:

  • track new, re-registered and transferred domains at a rate of up to one million addresses per hour;
  • save information about suspicious resources in a database for subsequent checking for phishing;< /li>
  • stop phishing sites.

The department stressed that the main result of the — this is the blocking of malicious phishing resources on the territory of the Russian Federation. So, according to the results of an experimental check, the system blocked nine thousand sites with confirmed phishing within two months.

Where can I complain about phishing sites?

If you find a phishing site or become a victim of scammers, you need to file an online complaint on the Anti-Phishing website. (paf.occsirt.ru). Information about the malicious resource will be sent to the monitoring system, which will check the site for phishing.

You will need to specify in the application:

  • Malicious resource URL (domain name of the resource with “http://” or “https://” at the beginning of the link);
  • the date the suspicious site was detected;
  • what language the malicious site is in;
  • your email address for feedback.

How to identify phishing sites?

Experts recommend: before opening a link you need to check how reliable the source that sent it to you is:

  • carefully check the name and domain from which the email is sent (check it online);
  • most emails from legitimate companies do not come from gmail.com, live.com, etc.
  • check for obvious spelling errors in the subject and text of the message;
  • impersonal “From” fields; and “To” may be a sign of phishing.

If you have gone to the site, then do not enter personal data until you are sure that it is safe. Phishing sites can be distinguished by several signs, for example:

  • lack of SSL certificate — popular sites use SSL encryption to transfer user data, so their site addresses begin with “https://”, but if the site of a bank or airline begins with “http://”, this is a reason to doubt the originality of the page;< /li>
  • grammatical, spelling and design errors on the site (outdated design, inconsistency with the corporate style of the company, etc.);
  • broken links on the site — if the site contains, for example, some sections, headings or links when you go to which, the page gives errors, then most likely you have a phishing site. 

If you became a victim Internet scammers, then be sure to contact the police. 

Sources:

t.me/mintsifry/1137

paf .occsirt.ru

habr.com/ru/company/varonis/blog/544140/

vc.ru/flood/37176-kak-opredelit-fishingovyy-sayt

Rate the material

Источник aif.ru