Bitcoin Forum

---

• Investigate every link’s final destination - To find out if a link is real, hover over it with your mouse and look at the link’s destination in the lower-left corner of your browser.
  This is the real destination, regardless of what the text says.
• Be cautious with shortened links- Scammers are like chameleons. They know how to mask their tactics by resembling actions that consumers are already familiar with… like shortening links. Phishers are hip to this trend and employ it themselves.
  Watch out for shortened links anytime you’re tempted to click, as they might lead to a fake landing page.
• Look for the “s” in https://website.com- Some websites start with HTTP:// and others with https://. The “s” in the latter stands for secure and will show a little lock icon next to it.
  Those websites are safest for browsing and purchasing. Stick to secure websites whenever possible.
• Don’t allow remote access to your computer- Yep, it happens. Someone reaches out pretending to be from a well-known security firm and wants to help you install software protection on your computer.
  1. Don’t install anything from an unverified source.
  2. Especially don’t give that unverified source direct access to your computer. That’s a hard no-no.
• Trust your gut instincts- If an email looks or feels off to you (even if you have very little reason to think so), trust your instincts. You’ve likely seen a garbage phishing email at some point, littered with typos and grammatical errors, unprofessional imagery, and just not a clean, crisp experience like you’d normally expect.
• Set up two-factor authentication- Many organizations offer two-factor authentication for an extra layer of security. Take advantage of this whenever possible so no one else can log in without needing your device.
• Finally, use good judgment - This goes without saying, but it’s perfectly true. The best thing you can do to protect yourself against phishing attacks is plain and simple common sense.
  
  Avoid the unknown. Don’t:
  1. Click unknown links
  2. Download unknown files or files from unknown sources
  3. Open attachments (even on social media) from untrusted sources

---

SOURCE - https://www.emailonacid.com/blog/article/industry-news/how-to-prevent-phishing/?cpc_keyword=&utm_term=&utm_medium=cpc&utm_campaign=Blog+traffic&utm_source=google&hsa_tgt=dsa-41848713900&hsa_ad=389406680086&hsa_net=adwords&hsa_ver=3&hsa_cam=6829404198&hsa_kw=&hsa_acc=2227309727&hsa_mt=b&hsa_src=g&hsa_grp=74929239010&gclid=Cj0KCQiAm4TyBRDgARIsAOU75sqYulLWa6TiQynCr0j0fMuGN3iLTGWvuercqQOPF2gm462P_-MVsOgaAnbUEALw_wcB

Honestly, this post is very useful for newbie who don't know about how to prevent from phising attack. I also appreciate about your thread to help many members here.
No offense, but I think your post is do plagiarism from other site https://www.emailonacid.com/blog/article/industry-news/how-to-prevent-phishing/?cpc_keyword=&utm_term=&utm_medium=cpc&utm_campaign=Blog+traffic&utm_source=google&hsa_tgt=dsa-41848713900&hsa_ad=389406680086&hsa_net=adwords&hsa_ver=3&hsa_cam=6829404198&hsa_kw=&hsa_acc=2227309727&hsa_mt=b&hsa_src=g&hsa_grp=74929239010&gclid=Cj0KCQiAm4TyBRDgARIsAOU75sqYulLWa6TiQynCr0j0fMuGN3iLTGWvuercqQOPF2gm462P_-MVsOgaAnbUEALw_wcB
It's same meaning and way, but you only make a different word and change a bit for explaining the point. I think next time while you want to make a topic, make sure share the source and make something more original.
Keep it up!

Nowadays, hackers and scammers are always there. So avoid that clickbait, joining airdrops and claiming rewards are prone to the next victim of phishing sites. Bookmarked the previous site you've used is also recommended to avoid phishing sites.

Anyway, this is also a helpful thread. [GUIDE] Use this for identifying Scam/Phishing Websites & Exchanges in Crypto (https://bitcointalk.org/index.php?topic=5122515.0), wrote by @GreatArkansas.

If you guys found phishing links kindly report to google.

Nope. HTTPS does not mean that the site is good for browsing and purchasing. It only means data is transferred over a secure connection. There are plenty of malicious sites, scam sites using HTTPS. And there are plenty of good site still using HTTP too.
HTTPS does NOT mean legit site. Be careful guys.

Changing password would also be helpful keeping your account safe and secure and you must use a password manager to help you manage your password and avoid forgetting your password if you have change password recently. There are great password manager you can search like https://keepass.info/ for example.

This is how it looks when you hover the mouse to a "hyperlink" . Hyperlink is like a normal link but it's form can be a text, image, icon or graphic that can link you to a file, document or link. Refer to image above. This one is an image that you can see the link directly without hovering the mouse.

Take Note: Some link are not what you think, it may be a link as you can see but it's not just a link but a hyper link.
Example: https://www.google.com/#spf=1581364113135 (https://bitcointalk.org/) = This one looks like the link of the google website but when you click the link it will redirect you to bitcointalk.org.

It is true that some HTTPS websites are not legit. Even the phishing sites does have HTTPS just like the other legit websites out there.

Thanks for quoting it and I'll add some additional way of reporting the phishing/scam website ;
Identifying the domain registrar of the suspected website and get the domain information like using whois or any site to get the domain information and if you see some registrar contact information like email for reporting abuse domains or their email address/telelephone numbers,
Get those information,  provide the suspected website url, write some  reasons/description and send it.
It could help so the registrar itself can take down immediately the suspected website if proven guilty.