Ask HN: Best way of dealing with fraudulent websites
My partner was caught out by a website which impersonated a UK government website. I've reported the domain to the registrar, the domain which is used to host the data collection service and reported the IP address to the owner of that IP address range.
Any other techniques which can get it taken down quickly?
The original site was https://gov.allowance-uk.top/payment.html and I followed the data collection to https://u2.wyzadmin.top/index.php/click/loadMainPage?page=job/payment.html
4 comments
[ 1.4 ms ] story [ 31.8 ms ] threadsome services will check for example age of certificates etc. to try and determine legitimacy of a site which can be fairly effective.
i cant recommend a certain tool tho as most ive used are propriatary and too expensive for individuals. at home i try not to visit any link :').. open it at work :D where theres enterprise level url filters
Teach your partner safe browsing habits: How domains work, and to never trust anything government unless it's from a .gov.uk directly before the first slash. Bookmark their banks for them and tell them to never access anything banking-related except from those bookmarks, and never from a link or an email. If in doubt, just have them wait and ask you.
My partner got scammed out of $300 a few years back. Told her to never send money to anyone online without checking with me first, and we've been fine since.
-----
If you really want to, you can report the link to non-government blocklists, like:
- Google's: https://safebrowsing.google.com/safebrowsing/report_general/
- uBlock Origin's https://gitlab.com/malware-filter/phishing-filter#phishing-u... and https://gitlab.com/malware-filter/urlhaus-filter#malicious-u...
But I wouldn't bother. They can make them quicker than you can report them.
She did spot that it was fake a few minutes after inputting her details and we then blocked all her cards. So all they got out of it was some semi-private details (name, address etc).