4 General Methods You Can Use To Detect Phishing Attacks

Danny Stieben 17-12-2011

anti phishingThe internet is one of the best tools known to mankind to do basically whatever you want. But Facebook, Twitter, Gmail, Dropbox, Paypal, eBay, bank portals, and so many more sites have twins that are actually phish.


A “phish” is a term for a scam website that tries to look like a site that you know might well and visit often. The act of all these sites trying to steal your account information is called phishing. While it’s very easy to spot some sites as a phish, others aren’t nearly as easy.

Here are four different anti-phishing methods you can use so that you don’t fall victim to phishing.

1. Use a Custom DNS Service

anti phishing
You need a DNS resolution service so that you can access all the sites that you go to. Your computer doesn’t automatically know where Facebook is (as far as its Internet address, or IP address, goes), so it needs to ask a DNS resolution service for that IP address. The good thing is, all Internet users have this service, thanks to their internet service provider. The bad news is that’s all they do.

Aside from name resolution, the DNS servers at ISPs do nothing else. However, there are some custom and independent DNS companies that do more than just name resolution. They can also filter sites based on content and malware/phishing concerns. There are many out there that can do this, but the most popular one (last time I checked) is OpenDNS OpenDNS Works As A Great Free Web Content Filtering Solution Read More .

2. Use Your Browser’s Phishing List

phishing scams
Did you know that modern browsers offer a phishing list? The browsers check the site you’re visiting against the list to see if it’s possibly a phishing site. If it is, your browser will start freaking out about it in your face like a good boy. For possible phishing attacks, why not throw out a big red page to warn you?


3. Use Sites To Check Links

In case you’re presented a link but you’re not sure about clicking it, you can copy and check it on a number of different sites. These can tell you whether there’s something bad about these sites, including malware and phishing. Where can you find all these wonderful sites that do this for you? Try checking out one of our articles 7 Quick Sites That Let You Check If a Link Is Safe Before clicking a link, use these link checkers to check that it doesn't lead to malware or other security threats. Read More on the subject.

4.  Use Your Own Ninja Skills

anti phishing
This may sound like useless advice, but using your own skills to detect phishing sites can go a very long way as well, and may even protect you from phishing sites that haven’t made it onto any lists that would throw an immediate flag. There are a few things that you should look for to see if you’re being faked:

  1. Look for a secure connection. This is usually identified by a green area in the address bar, along with https in the URL.
  2. Look at the domain of the URL. If you don’t know what the domain of a URL is, here is an example: The domain of MakeUseOf is, while the domain of PayPal is, and so on. Look to see that the domain is as it should be, and not something bizarre.
  3. Look at the site itself. If it doesn’t look exactly like the site you’re always used to, it may be a scam site. You can double check by opening a new tab and visiting the main page of the site you think you’re on (if possible). If they’re quite different, then you’re more than likely dealing with a phishing site.

Now that you’re equipped with these tips, you can take this handy little Phishing Quiz provided by OpenDNS where you are presented with screenshots of some websites. Some are real, while others are phish. You can take the quiz and see how well you do. Afterwards, you can see why a certain site is a phish and not real.


With these anti-phishing tools and tips, you are well equipped to spot phishing attempts and avoid them. Therefore, you’re much safer and your account information will remain private. If you feel enough like a pro, go and spread the word! The more people know how to spot phishing attacks, the better off they will be while surfing the internet.


How do you detect phishing sites? Do you think it is getting easier or harder to identify them? Let us know in the comments!

Image Credit: Shutterstock

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Biz Erk
    August 10, 2017 at 1:44 pm

    Also be aware of the redirect scam. I've noticed when I go to a site sometimes, I get redirected to another site. But I'm still confused about using Essentials. Because I am on a fixed income, free is wonderful. I also had to do a half format (repair) if that makes any sense when it got hit by lightning and it wiped out most of my data. Luckily the drive still worked. So, I've got Norton up my butt trying to get me to activate their software which I did once and uninstalled it to get MSE (thought Norton was slowing MSE down on a full scan ) because I've reformatted (Norton came with the Gateway software). Then I did a previous restore almost to the beginning when Norton was not activated. Almost every screen they are there to activate. So I'm pretty confused at this point. I've read articles that MS is the best and now I'm reading it's not really up to date. Also MSE on the long scan takes forever. Even though Norton is not activated, can it still interfere with the scan? Mostly the full scan? Or should I trash MSE and use Norton? Or should I completely use another virus scan. I have malwarebytes loaded but do I need a virus checker? I could and would appreciate some advice.

  2. freelance jobs online for beginners
    June 4, 2017 at 6:02 am

    Really amazing, Your articles were very nice and full of information. Thanks, great post. I really like your point of view!

  3. freelance jobs online for beginners
    June 4, 2017 at 6:01 am

    Really amazing, Your articles were very nice and full of information. Thanks, great post. I really like your point of view!

  4. lån utan inkomst
    May 14, 2012 at 1:59 pm

    Thanks for every other magnificent article. The place else may anyone get that type of info in such an ideal method of writing? I've a presentation subsequent week, and I am at the look for such information.

  5. invest liberty reserve
    March 6, 2012 at 5:18 am

    301 Moved Permanently I was suggested this website by my cousin. I am not sure whether this post is written by him as nobody else know such detailed about my difficulty. You're amazing! Thanks! your article about 301 Moved PermanentlyBest Regards Yoder

  6. Phish Hook
    December 27, 2011 at 4:23 pm

    You could intentionally put in an incorrect password.  A legitimate site will know the password is wrong, but a phishing site won't.

    • Aibek
      December 28, 2011 at 8:45 am

      good tip!

    • Danny Stieben
      December 28, 2011 at 8:25 pm

      Wow. Surprisingly simple. Who knew! :)

    • Hotdog
      January 2, 2012 at 10:52 pm

      That's a great tip, but it does mean you will actually access the site and expose your IP address to the crooks unless you've done something to hide it, right?

      • Jeff Fabish
        January 2, 2012 at 11:30 pm

        Your IP Address isn't private, anyway. An attacker who relies on the method of phishing (a skiddy approach to 'hacking' anyway) isn't likely to be very dangerous. Infact, the most ubiquitious question in underground hack sites is "What do I do with someones IP Address?", that should lend you some insight as to how much experience these children have.

        Either way, whether you put the correct password in or not, he would have still been able to log your IP Address.

  7. Mohamed Tair
    December 20, 2011 at 3:35 pm

    Yap Yap!! That right..
    thanks for informations ..
    still wating u're next posts,
    thanks again,

  8. Erin Symons, OpenDNS
    December 19, 2011 at 6:16 pm

    Great article that I'm sure many will find very helpful! Thank you for including OpenDNS as the best way to protect against phishing and challenging readers to our phishing quiz.

  9. Cell Travis
    December 18, 2011 at 7:04 am

    I use OpenDNS along with an anti-logger and BrowserProtect plugin on one of my computers. On the other, I have a VPN service installed so that my browsing habits remain private. The key is to balance between performance and security in a logical yet effective way.

    • Danny Stieben
      December 19, 2011 at 6:12 pm

      That is indeed the ideal solution, but most users don't want to have to do a lot to be "safer". For those who take the effort, that's great. Then there are others that don't even know what DNS, plugins, and VPN are.

  10. Jeff Fabish
    December 17, 2011 at 5:59 pm

    Good advice. What Exactly Is Phishing & What Techniques Are Scammers Using? is another great read, as well. If (despite this advice) you fall victim to a phishing attack, change your password immediately. Fortunately, you have the advantage here. The attacker must first check the logs, which could take quite a while. You on the other hand, should know that something is wrong when the site gives you some phony error or redirects you to the actual website.

    It's a good idea to change your eMail's password as well, as your username that you entered into the phishing site may be used to dox (research) the email linked to the account in question. Report any phishing attempts to anti-phishing and phishing-report[at]us-cert[dot]gov.

    • Danny Stieben
      December 19, 2011 at 6:10 pm

      Thanks for all that information, Jeff!