Helping people with computers... one answer at a time.

Avoiding websites that are questionable or suspicious is common advice from internet security gurus - but just what does that mean?

So just what is a "questionable" or "suspicious" website?

It's not uncommon for computer support people such as myself to admonish computer users to never visit questionable or suspicious websites, as they're often a source of malware, scams and other bad things.

But just what does that mean?

Yes. Well. Ahem.

It's kinda like an apocryphal definition once applied to pornography - it's difficult to describe, but you'll know it when you see it.

The problem is that when it comes to web sites by the time you see it, it might be too late.

If It Sounds Too Good To Be True...

Many websites actually live up to the "web" moniker by attempting to attract visitors whom they then ensnare with malware or worse.

The "clue" is the enticement to visit the site in the first place. Free this, or easy that, expensive things at unbelievably cheap prices, unbelievable pictures of this or that situation or public figure ... these are all common techniques to entice you to click on a link.

"If you're not sure, don't click."

Don't.

If you're not sure, just don't.

"Unbelievable" is a good word in those descriptions; just remember the old adage: If it sounds too good to be true, then it's very likely not true at all.

Porn

I debated about including this topic, since I know it's difficult not to be judgmental about pornography. Unfortunately, it's also a classic category where many malicious sites fall.

I'm guessing you'll fall into either of two camps.

To many all porn is evil and that pornography sites might be including malware is just further proof of their bad intentions; people visiting porn sites deserve what they get - be it malware or something else. That makes this easy: you can skip this section since you're avoiding all porn anyway.

To others, some adult sex material might be acceptable, and we certainly know that there's a lot of it available on the internet. The question becomes, once again, how to distinguish the safe from the malicious.

The promise of pornography seems to entice many people to visit sites that they wouldn't normally visit. As a result that promise is often used by hackers and worse to trick people into visiting sites laden with malware.

I'll repeat my earlier admonition: if you're not sure, don't.

How to be sure? Stick to "brand names", if you will. Most major publications that you'd probably recognize in a magazine stand in this space have online presences, for example. TV networks that specialize in adult content similarly have internet-based venues.

But above all - beware the phrase "free porn". Once again, if it's too good to be true, it probably isn't. The promise of "free porn" has likely infected more machines than people are even willing to admit.

Phishing

Phishing is, of course, the attempt to make you think you're going to one site when in fact you're going to another. A link might look like it's taking you to paypal.com, and the site you land on might even look very much like Paypal, but if you look closely you'll see that the link didn't take you to Paypal at all, but rather some hacker's phishing site. That site - looking like Paypal - is designed to encourage you to hand over your Paypal login credentials by "logging in" - at which point a) it fails, and b) the hacker now has your Paypal ID and password.

The key in that scenario is look closely. Make sure that links go to exactly where you think they will, that they did take you to exactly where they should have. How do I know that this web address is safe? has a good description of how URLs can be misleading, and what to look for.

If you're not sure, don't click.

Particularly if you're not 100% certain about the source of the link - perhaps it's on a webpage you've never visited before, or perhaps its in an email that you didn't expect or just feel funny about, don't click.

Instead, fire up your browser and enter the URL by hand or use your own trusted bookmark.

That way you'll know you are where you should be.

Tools

There are several online tools that can help.

  • Web Of Trust is a collaborative website rating tool where people can rate their experiences with individual sites.

  • Norton Safe Web is a similar service, based primarily on automated checks. Community reviews are available there as well.

  • McAfee SiteAdvisor is perhaps one of the better known services, and similarly performs some automated checks as well as providing a forum for user comments.

There are probably others as well.

Many of these sites may offer addons or software you can install that will integrate more closely with your browser and often will display safety indications in search results. It's important to note that those are only conveniences - you don't need them, though you're welcome to use them if you believe they'll be helpful. Even without the addons each of the three listed above will give you a site report based on a URL you enter, and much of the time that's quite sufficient if you're generally paying attention to the links you're being presented with.

My only concern with these sites, aside from the occasional false positive, is that community comments can be manipulated - a site owner could certainly amass an army of people to leave positive comments on a site that was fundamentally malicious. The take-away here is simply to realize that, take all comments with a grain of salt, and remember that, once again, if it sounds too good to be true, it probably is.

What Are Your Tricks ?

This is one of those situations where I do feel that I'm perhaps a little too close to the problem. I can typically spot a scam almost immediately, but I know that I'm not an average computer user.

So I'll also ask you: what techniques do you use to make sure that you're not about to fall for a malicious web site?

What alerts you to a website being "questionable" or "suspicious"?

Share your ideas in the comments below - we'll all benefit.

Article C4708 - January 14, 2011 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

12 Comments
Jonathan Coram
January 18, 2011 9:07 AM

Its all context to my amateur ways. If I google info on a town, its probably safe. If I search for 'the cheapest place to buy a gold mine, I check the site name, and if dodgy and I still want to satiate my curiosity switch on my 'zone alarm' private browser to tentatively look. If I feel contaminated, I run the programs cleaner, plus Ccleaner. Not been infected so far, but then I rarely look for free gold mines!

Steven
January 18, 2011 10:45 AM

One thing to remember...if you want to view a file and it brings up an installation dialog box theat asks if you want to install a program to see it, especially an .exe file or something you've never heard of then it's best you close it and look it up. Chances are gigh that you do not want it.

Charlie
January 18, 2011 2:31 PM

One excellent indicator to use is check for misspellings and/or bad English grammar/usage.

Another is to use the "show full headers" click-point if your email provider has one. The last two letters are the country code, and I don't touch anything with "ru" or "cn" in the full address, or any unfamiliar address, or for a product I haven't ordered.

Russian and China are competing with Nigeria to take our money...lots of it.

Cheers!

Wanda
January 18, 2011 2:48 PM

I am not sure why, but when I try to go to some websites, my Explorer closes completely! I am assuming that those are dangerous places to be and some protection process that I have is trying to tell me not to go there. I have Microsoft Securities and MalwareBytes on my computer.

Frank Golden
January 18, 2011 3:53 PM

I have WOT installed in all my browsers including the browsers I use in Linux.

My Avast! A\V program alerts me to bad sites and finally I run all internet facing programs in Windows in Sandboxie (I paid for a pro version after running the free version for awhile).

Anything that enters my sandbox cannot enter my computer unless I let it.

Closing the sandboxed browser deletes anything in the sandbox by default.

Geoff Tuke
January 18, 2011 6:44 PM

I always right click links and check 'Properties' which tells me where I could be going. Then if I want to 'validate' or whatever, I type the correct web address. Typically, Paypal, the banks. etc will NOT send you a link to click on, although I did once get a legit one from Paypal.
When I find a phishing link, I sometimes have a bit of fun with it by clicking on it, then giving false login details which I hope the spammer will then waste his time trying to use.
Perhaps if everyone did this, the spammers would spend most of their days following up false leads!!
What is everyone elses feelings about this?

Carol Putman
January 18, 2011 7:34 PM

Maybe I"m just overly paranoid, but doesn"t "clicking on (a phishing link), then giving false login details" put one at risk of downloading a tracking cookie, worm, or worse. I was under the impression that one should close anything suspicious using Alt-F4 and avoid clicking on any part of whatever it is, whether popup window, email, suspicious website, etc., to prevent the possibility of anything harmful being downloaded. I think some of the offending stuff was called a "driveby download" because you don't necessarily get a dialogue box asking whether you want to download.

Robert Barla
January 18, 2011 10:07 PM

It is the Trend Micro that works for me in my office. It advices on the "suspisous" sites and if it identifies it to be "dangerous" it does not allow it to open at all.

Rene River
January 19, 2011 7:10 AM

Everything is fi ne, explanation is good but for a person that does not know computer is useless, I read the instructions still I am unable and afraid to do it, one needs to know to do anything as serious as to reinstall windows. I have a friend who did it and destroy de pc.It is a job for a technician.thanks

Don Bagshaw
January 23, 2011 12:45 PM

I use the NoScript add-on with Firefox, which blocks "all javascript, java, and other executable content" from running without my approval. It is extremely comforting to have this level of control, particularly when surfing around for information, which may take you to unfamiliar sites.

Jeff Dillender
January 24, 2011 4:26 PM

The "ipads for $23.74? Save 90% on retail" ad above appears to be the perfect example of a link/website that should be avoided. It does sound enticing though...

Melinda
December 15, 2012 4:08 PM

My site has the label "suspicious" next to it when I googled it. I don't know why. It doesn't meet any of criteria you listed above. It is a Holistic Healing site... How can I get this "label" removed?

To begin with, get your site registered with Google's webmaster tools if not already, and check there for any diagnostic reports. If you're registered that's where they'll give you some clues as to what and why. https://www.google.com/webmasters/tools
Leo
16-Dec-2012

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.