Should I Click

A machine-learning based tool to analyze if a URL is safe to click or not, created by František Střasák

 

“Should I Click” is a new web service and tool that can help users decide if they should click on a suspicious link or not. It uses machine learning systems that were trained with thousands of real attack pages.

Evil twin websites

Evil twin websites are phishing techniques to steal emails, passwords, credit card numbers and other sensitive data by creating a copy of the website that looks the same and shares the same design as the original one. Evil twin attacks are very hard to detect, as users need to check the URL of the website they visit every time to make sure it is the correct website they want to visit.

Example of a real Google identity verification page. We can see that the domain is accounts.google.com with a valid HTTPS certificate.

Example of a real Google identity verification page. We can see that the domain is accounts.google.com with a valid HTTPS certificate.

Example of an evil twin website attempting to imitate a Google identity verification page. However we can see that the domain is "minivale.com" and not Google Accounts.

Example of an evil twin website attempting to imitate a Google identity verification page. However we can see that the domain is "minivale.com" and not Google Accounts.

Scam websites

Scam websites are also phishing techniques. They often offer fake products to users with the aim of stealing their credentials. In most cases all this happens under time pressure. For instance, “You won a new iPhone7 and you have only  60 seconds to fill this information to get this phone.”)

Example of a scam website, offering a free iPhone to the user to steal his personal data.

Example of a scam website, offering a free iPhone to the user to steal his personal data.

Example of a scam website, offering a Spotify code to get a free premium subscription.

Example of a scam website, offering a Spotify code to get a free premium subscription.

Dangerous Behavior of a Website

Should I Click tries to detect harmful JavaScript code and crypto-jacking attacks by different approaches. Primarily it uses a honey-client to detect if a website tries to exploit the browser of the user. However, this function is still under development and it will be released in the next version of Should I Click.

Websites with Bad HTTPS Practices

For better security, the entire website the user is trying to access should use HTTPS. The lack of encryption can be a potential risk to your privacy. Should I Click checks how many of the requests generated by the website are encrypted. It also verifies the validity of the certificate of a website, and HTML "Log in" forms without HTTPS. For websites that do not use encryption or have issues with the certificate we give the verdict "You should not click", because it is transferring private data between you and the web server without encryption.

Protecting the civil society through high quality research