Phishing website identification method and device

A technology of phishing websites and identification methods, which is applied in the field of communication, can solve the problems of not being able to be included in time and not be detected, and achieve the effect of high security

Inactive Publication Date: 2016-05-11
GUANGDONG OPPO MOBILE TELECOMM CORP LTD
4 Cites 0 Cited by

AI-Extracted Technical Summary

Problems solved by technology

[0004] The above detection method can detect 100% blacklisted phishing websites, but there is a certain delay in the collectio...
View more

Abstract

The invention provides a phishing website identification method. The method comprises following steps: receiving key information sent by a client; searching tag information corresponding to the key information; sending the tag information to the client so that the client can identify whether the current website is a phishing website according to the tag information; receiving a confirmation instruction which is sent by the client and is obtained according to the tag information; and sending a user information input interface to the client according to the confirmation instruction. According to the method and the device, before a user inputs a user name or a password, the user can know whether the login website is the phishing website; the user can be prompted timely; therefore the information of the user will not be leaked; and the security is high.

Application Domain

Transmission

Technology Topic

User informationPassword +3

Image

  • Phishing website identification method and device
  • Phishing website identification method and device
  • Phishing website identification method and device

Examples

  • Experimental program(5)

Example Embodiment

[0043] Example one
[0044] See figure 1 , Shows the method for identifying phishing websites provided by the embodiments of the present invention.
[0045] The method for identifying a phishing website, applied to a server, specifically includes the following steps:
[0046] In step S101, receiving key information sent by the client;
[0047] In step S102, search for label information corresponding to the key information;
[0048] In the embodiment of the present invention, before the step of receiving the key information sent by the client, the method further includes the following step: pre-establishing a correspondence table of key information and label information.
[0049] Then, the step of searching for label information corresponding to the key information specifically includes: searching for label information corresponding to the key information in the correspondence table.
[0050] In step S103, the tag information is sent to the client, so that the client can identify whether the current website is a phishing website through the tag information;
[0051] In step S104, receiving a confirmation instruction obtained according to the tag information sent by the client;
[0052] In step S105, a user information input interface is sent to the client according to the confirmation instruction.
[0053] In the embodiment of the present invention, when the key information is a string of characters or patterns customized by the user, the step of sending a user information input interface to the client according to the confirmation instruction specifically includes: according to the confirmation instruction, Send the user name and password input interface to the client.
[0054] For example, when the server receives the "ABCDE" input by the user, the label information corresponding to the "ABCDE" is searched for "I am a BABYTREE", this "ABCDE" corresponds to "I am a BABYTREE" is the user in the server beforehand The registered correspondence. Therefore, when the client user receives the "I am a BABYTREE" issued by the server, they can know that the current website is a normal website. If the client user cannot receive the "I am a BABYTREE" issued by the server , Then it can be determined that the current website is a phishing website.
[0055] It can be seen from the above that the method for identifying phishing websites provided in the first embodiment uses tags for each user when a user logs in to a secure website for the first time, that is, a table of correspondence between key information and tag information is established. When logging in to the website for the second time, after the server receives the key information entered by the user, the server will send the label information corresponding to the key information to the client user for viewing. At this time, the client user sees that the server has issued the information associated with it. After the correct label, click confirm. After the server receives the confirmation instruction, the user information input box will be issued. Since each user corresponds to a different label, even the phishing website can only collect user-defined content. , And cannot collect user names, passwords, and subsequent content. If it is a phishing website, when the user enters user-defined content, it cannot send the correct label information to the client user for viewing, so that the user can know that it is a phishing website. Therefore, the present invention can let the user know whether the website he has logged in is a phishing website before entering the user name and password, can prompt the user in time, so that the user's information will not be leaked out, and its security is extremely high.

Example Embodiment

[0056] Example two
[0057] See figure 2 , Shows the method for identifying phishing websites provided by the embodiments of the present invention.
[0058] The method for identifying a phishing website, applied to a server, specifically includes the following steps:
[0059] In step S201, receiving user name information sent by the client;
[0060] In step S202, search for label information corresponding to the user name information;
[0061] In the embodiment of the present invention, before the step of receiving the user name information sent by the client, the method further includes the following step: pre-establishing a correspondence table of user name information and tag information.
[0062] Then, the step of searching the label information corresponding to the user name information specifically includes: searching the label information corresponding to the user name information in the correspondence table.
[0063] In step S203, the tag information is sent to the client, so that the client can identify whether the current website is a phishing website through the tag information;
[0064] In step S204, receiving a confirmation instruction obtained according to the tag information sent by the client;
[0065] In step S205, a password input interface is sent to the client according to the confirmation instruction.
[0066] For example, when the server receives the user name "DILY" input by the user, the label information corresponding to the "DILY" is "Welcome to Mystery Paradise", and this "DILY" corresponds to "Welcome to Mystery Paradise". Correspondence registered in the server. Therefore, when the client user receives the "Welcome to Mystery Paradise" issued by the server, they can know that the current website is a normal website. If the client user cannot receive the "Welcome to Mystery Paradise" issued by the server , Then it can be determined that the current website is a phishing website. At this time, the server only needs to issue a password input box, because the server receives the user name information for the first time. In this way, the user does not need to re-enter the user name information, thereby saving input time.
[0067] It can be seen from the above that the method for identifying phishing websites provided in the second embodiment uses tags for each user when a user logs in to a secure website for the first time, that is, a table of correspondence between user name information and tag information is established. When the user logs on to the website for the second time, after the server receives the user name information entered by the user, the server will send the label information corresponding to the user name information to the client user for viewing. At this time, the client user sees that it was issued by the server After the correct label is associated with it, click Confirm. After the server receives the confirmation instruction, the password input box will be issued. Since each user corresponds to a different label, even the phishing website can only collect user name information. , And cannot collect passwords and subsequent content. If it is a phishing website, after the user enters the user name information, it cannot send the correct label information to the client user for viewing, so that the user can know that it is a phishing website. Therefore, the present invention can let the user know whether the website he has logged in is a phishing website before entering the password, can prompt the user in time, so that the user's information will not be leaked out, and its security is extremely high.

Example Embodiment

[0068] Example three
[0069] See image 3 , Shows the method for identifying phishing websites provided by the embodiments of the present invention.
[0070] The method for identifying phishing websites, which is applied in a client browser, specifically includes the following steps:
[0071] In step S301, send key information to the server;
[0072] In step S302, receiving and displaying the label information corresponding to the key information sent by the server, so that the client can identify whether the current website is a phishing website through the label information;
[0073] In step S303, a confirmation button of the tag information is displayed;
[0074] In step S304, receiving the confirmation instruction obtained by the user clicking the confirmation button, and sending the confirmation instruction of the tag information to the server;
[0075] In step S305, the user information input interface obtained according to the confirmation instruction sent by the server is received and displayed.
[0076] As an embodiment of the present invention, when the key information is user name information; the step of receiving and displaying the user information input interface obtained according to the confirmation instruction sent by the server includes: receiving and displaying the basis sent by the server The password input interface obtained by the confirmation instruction.
[0077] For example, when the server receives the user name "DILY" input by the user, the label information corresponding to the "DILY" is "Welcome to Mystery Paradise", and this "DILY" corresponds to "Welcome to Mystery Paradise". Correspondence registered in the server. Therefore, when the client user receives the "Welcome to Mystery Paradise" issued by the server, they can know that the current website is a normal website. If the client user cannot receive the "Welcome to Mystery Paradise" issued by the server , Then it can be determined that the current website is a phishing website. At this time, the server only needs to issue a password input box, because the server receives the user name information for the first time. In this way, the user does not need to re-enter the user name information, thereby saving input time.
[0078] As another embodiment of the present invention, when the key information is a string of characters or patterns customized by the user, the step of receiving and displaying the user information input interface obtained according to the confirmation instruction sent by the server specifically includes: receiving And display the user name and password input interface obtained according to the confirmation instruction sent by the server.
[0079] For example, when the server receives the "ABCDE" input by the user, the label information corresponding to the "ABCDE" is searched for "I am a BABYTREE", this "ABCDE" corresponds to "I am a BABYTREE" is the user in the server beforehand The registered correspondence. Therefore, when the client user receives the "I am a BABYTREE" issued by the server, they can know that the current website is a normal website. If the client user cannot receive the "I am a BABYTREE" issued by the server , Then it can be determined that the current website is a phishing website. At this time, the server issues a user name and password input box for the user to enter the user name and password for subsequent identity verification.
[0080] As a preferred embodiment of the present invention, after the step of sending key information to the server, it further includes: determining whether the tag information sent by the server is received within a preset time; if it is determined that the tag information is not received within the preset time The tag information indicates that the current website is a phishing website. Collect the relevant information of the current website; send the collected relevant information of the current website to the website reporting server. This solution enables the user to clearly remind the user that the current website is a phishing website in plain text instead of a network problem. It can also collect relevant information about the current website; send the collected relevant information about the current website to the website reporting server, So that more users will be informed.
[0081] It can be seen from the above that the method for identifying a phishing website provided in the third embodiment is that when a user logs in to a secure website for the first time, the server will label each user, that is, establish a table of correspondence between key information and label information. When logging in to the website for the second time, after the server receives the key information entered by the user, the server will send the label information corresponding to the key information to the client user for viewing. At this time, the client user sees that the server has issued the information associated with it. After the correct label, click confirm. After the server receives the confirmation instruction, the user information input box will be issued. Since each user corresponds to a different label, even the phishing website can only collect user-defined content. , And cannot collect user names, passwords, and subsequent content. If it is a phishing website, when the user enters user-defined content, it cannot send the correct label information to the client user for viewing, so that the user can know that it is a phishing website. Therefore, the present invention can let the user know whether the website he has logged in is a phishing website before entering the user name and password, can prompt the user in time, so that the user's information will not be leaked out, and its security is extremely high.

PUM

no PUM

Description & Claims & Application Information

We can also present the details of the Description, Claims and Application information to help users get a comprehensive understanding of the technical details of the patent, such as background art, summary of invention, brief description of drawings, description of embodiments, and other original content. On the other hand, users can also determine the specific scope of protection of the technology through the list of claims; as well as understand the changes in the life cycle of the technology with the presentation of the patent timeline. Login to view more.

Similar technology patents

Malicious website prompt method and router

ActiveCN104125209Aimprove security
Owner:TENCENT TECH (SHENZHEN) CO LTD +1

Credible virtual machine platform

InactiveCN101957900AImprove stability and attack resistanceimprove security
Owner:706 INST SECOND RES INST OF CHINAAEROSPACE SCI & IND

Intelligent door lock identity authentication method and system, readable storage medium and mobile terminal

ActiveCN109712278APrevent Identity Leakageimprove security
Owner:深圳市小石安防科技有限公司

Classification and recommendation of technical efficacy words

Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products