Stop malware and phishing scams: Tools to help identify shady websites

Have you ever visited a website and wondered where that site and its owners are located? Shopping sites are particularly of interest, because most people want to know who the seller is and where the seller is located. Casual online browsers may also find themselves on sites that dump malware onto unsuspecting PCs, plant malicious pop-up ads, or phish for private information. Others may stumble upon sites that push conspiracy theories, hate rhetoric, or violence, which they may want to avoid or expose.

Wouldn’t it be great if there were a service that revealed this information? Well, there is, and here’s how to use it.

Using WHOIS to sniff out shady sites

Many sites and organizations provide identifying site information for free. The most notable is ICANN (Internet Corporation for Assigned Names and Numbers), a private non-profit corporation that allocates space for IP addresses and manages domain names (among other things). The service is called WHOIS, and it provides a long list of biographical information for every website in the world. 

ICANN emails website owners (or administrators) of new sites and owners of modified existing sites requesting that users verify and update the information on all of their websites. Many people ignore these emails, but new ICANN rules demand that you respond, or ICANN will suspend your domain name (thereby, your website) for 72 hours to 15 days. To avoid suspension, add ICANN to your email whitelist. If you are suspended, visit the ICANN website to discover how to reactivate your website.

ICANN’s diligence is good news for most legitimate websites, but not so good for sites that prefer to remain anonymous. Not all anonymous sites are unscrupulous. Many site owners need to protect their privacy from fans, stalkers, professional competition, or other risks.

Figure: ICANN warning message (JD Sartain / IDG Worldwide)

Similar sites, such as WhoIsHostingThis, Whois.net, and dozens of others, are just as reliable. Your own host provider may even offer this service.

Keep in mind, however, that many websites use a domain privacy service (aka proxy protection service) like WhoIsGuard, Proxy Protection, or Domains by Proxy to protect users’ private information from being displayed on the Internet. These sites mask the site owner’s information and replace it with the host provider’s or proxy service’s information. 

So, how does one discover the hidden information on a protected website? As of this writing, you cannot legally access protected information without a valid subpoena from a law enforcement agency or representative thereof. There are workarounds, such as querying a passive DNS/WHOIS server (as opposed to a live WHOIS database server) using programs such as SecurityTrails, SurfaceBrowser, Deteque, DomainTools, and dozens more. These programs use a variety of techniques, such as cross-checking data from different datasets, studying WHOIS historical records, or researching associated domains, to name a few. None are simple, easy solutions, which is why most everyday web surfers don’t use these methods.
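To make the WHOIS lookup and the privacy-service masking described above concrete, here is an added example (not from the original article) that parses a WHOIS record and reports whether the registrant fields point to one of the proxy services the article names. The sample record is constructed, the field names follow the common "Key: value" layout (an assumption, since the format varies by registry), and `whois_query` takes the WHOIS server as a parameter because the right server depends on the domain.

```python
import socket

# Privacy/proxy services named in the article, matched case-insensitively.
PRIVACY_SERVICES = ("whoisguard", "domains by proxy", "proxy protection")

# Constructed sample record (not real registration data).
SAMPLE_RECORD = """\
Domain Name: EXAMPLE-SHOP.TEST
Registrar: Example Registrar, Inc.
Creation Date: 2024-01-15T10:00:00Z
Registrant Name: WhoisGuard Protected
Registrant Organization: WhoisGuard, Inc.
Registrant Country: PA
>>> Last update of WHOIS database: 2024-02-01T00:00:00Z <<<
"""

def whois_query(domain, server, timeout=10):
    """Fetch a raw record: send the name plus CRLF to TCP port 43 (RFC 3912)."""
    with socket.create_connection((server, 43), timeout=timeout) as s:
        s.sendall(domain.encode("idna") + b"\r\n")
        chunks = []
        while data := s.recv(4096):
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", errors="replace")

def parse_whois(text):
    """Collect 'Key: value' lines into a dict of lists, skipping notices."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip() and not line.startswith((">>>", "%", "#")):
            fields.setdefault(key.strip().lower(), []).append(value.strip())
    return fields

def summarize(text):
    """Pull out the fields a shopper cares about and flag masked registrants."""
    fields = parse_whois(text)
    first = lambda key: fields.get(key, [None])[0]
    registrant = [v for k, vals in fields.items()
                  if k.startswith("registrant") for v in vals]
    masked_by = sorted({s for s in PRIVACY_SERVICES
                        for v in registrant if s in v.lower()})
    return {"domain": first("domain name"), "registrar": first("registrar"),
            "created": first("creation date"),
            "country": first("registrant country"),
            "privacy_masked": bool(masked_by), "masked_by": masked_by}

if __name__ == "__main__":
    print(summarize(SAMPLE_RECORD))
```

A masked record is not evidence of fraud by itself, as the article notes; treat the flag as one signal alongside the creation date and the scam lists discussed below.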

Scam trackers, fraud lists and site blockers

Because protected “Who Is” information is so difficult to obtain, consider using Internet Fraud Detection services such as your state’s consumer protection agency, the Bureau of Consumer Protection, or the Federal Trade Commission. The U.S. government offers guidance on avoiding and combating scams and frauds, including lists of known perpetrators.

Reputable organizations that track this information for free include the Better Business Bureau’s Scam Tracker, which allows you to search by keywords, scam type, location, and date. Fake INet is another free service that provides a “Scam Finder” search box. Enter the URL of a suspicious website and, if guilty, Fake INet displays the site onscreen. Scam Detector and We Get Scammed For You are among the many dozens of other free services.

Figure: Better Business Bureau’s lists of unscrupulous websites (JD Sartain / IDG Worldwide)

For a comprehensive list of hate group sites, try the Southern Poverty Law Center, Wikipedia’s White Nationalists site by location, or the Anti-Defamation League. If you stumble upon a suspicious site, use these services to find out more, and block it on your web browser if necessary.

For propaganda (aka fake news) websites, check Wikipedia’s “List of Fake News Websites,” Professor Melissa Zimdars’ fake news sites, the Daily Dot, Snopes, or Media Bias/Fact Check.

For pornography or other similar offensive sites, install Safernet, OpenDNS Family Shield or OpenDNS Home, Google’s Safe Search, or any of a dozen other products that range from free to $99 a year. If in doubt, just search on the site name or URL, followed by keywords such as “complaints,” “reviews,” “offensive,” “fake,” “fraudulent,” etc., and see what comes up.

If you’re serious about digging up the dirt on a site, there are verification companies that provide current reports for dangerous or disreputable websites. But these services are NOT free. For a hefty fee of $199 for one day’s worth of data or $399 for 3 days’ worth of data, you can receive a report that lists the current fraudulent websites scamming Internet users. However, note that most of these services are owned by companies in the locations you’re trying to avoid.

My advice: Use the reputable “lists” sites that are offered for free.
