I am sure we have all had those moments when we are online, and might just be surfing the web, or maybe we have a specific search in mind. You find a website you want to go to, but you pause as you are unsure how safe it is; what next? Take a chance, or is there an alternative?
There are actually several organizations that offer free online tools for looking up websites that could be potentially threatening. Some of these tools provide history regarding the website, others examine the URL in real time to determine if there is any danger.
Below are some of the sites put together by Lenny Zeltser if you want to read more about him:
- AbuseIPDB: Provides reputation data about the IP address or hostname
- BrightCloud URL/IP Lookup: Presents historical reputation data about the website
- Comodo Web Inspector: Examines the URL in real-time
- me: Flags websites suspected of selling counterfeit products
- FortiGuard lookup: Displays the URL’s history and category
- Google Safe Browsing: Look up the website’s current status
- hashdd: Provides historical data about IPs, URLs, etc.
- IBM X-Force Exchange: Provides historical data about IPs, URLs, etc.
- Joe Sandbox URL Analyzer: Examines the URL in real time
- Is It Hacked: Performs several checks in real time and consults some blacklists
- IsItPhishing: Assesses the specified URL in real-time
- Kaspersky VirusDesk: Looks up the URL in a blacklist
- Norton Safe Web: Presents historical reputation data about the website
- Palo Alto Networks URL Filtering: Looks up the URL in a blacklist
The full list is on Lenny’s website and he always asks if you feel one is missing, to inform him so he can research.
He also has a list for Automated Malware Analysis Services and Blocklists of Suspected Malicious IPs and URLs.
Lastly, based on responses he received on Twitter, below are some poor recommendations people shared with him that they received that has been titled ‘Worst Information Security Advice Ever Received’. Hope it entertains and teaches at the same time:
- Don’t worry. It’s the trusted internal network
- We don’t need policy….we have all been working together for 20 years
- Why don’t you plug this mysterious USB key into your roommate’s computer?
- Don’t worry about malware if you have a Mac
- Don’t worry, no one will ever target us
- Use a password that’s seven characters long
- Your password may not exceed six characters in length
- Deploy it to production first, we don’t have time to test in QA