For Xiaobai, it may be impossible to distinguish between two websites that are the same. Today I will share with you how to identify a phishing website. I hope it can help you. Don't wait for two-dimensional codes in the scanning group, and don't enter important account passwords on the website at will. Today I will identify a phishing website on the spot and take you step by step to analyze it. Don't spray experts.

Cause:

Just today, I received a Tencent document content shared by a group member in a QQ group of the school, entitled "List of 2019 Subsidized Students". As a student, I must want to open it immediately to see if I have won a prize! However, at this moment, I suspected that it was a stolen number, and sure enough, Open a QR code inside to save the picture and scan it with WeChat So I went to the bottom!

I scanned this QR code with the QR code scanned by QQ browser, jumped to a link, and found that I jumped to the interface for logging in QQ mailbox. Comparing the official one with this website, I don't often see it carefully, but I may not find it. In fact, there is a lot of intrigue.

The correct QQ email login is as follows:
 Once I identified the phishing website, all the pirated numbers were inadvertently

The QQ email of the phishing website obtained by scanning the QR code is as follows:
 Once I identified the phishing website, all the pirated numbers were inadvertently

Some people may have questions here. What if it is not a pirate website or a phishing website? Then continue to look down.
For Xiaobai, we can enter the account password at will and click Login to see what the reaction is~
After I clicked, the page was refreshed once, without any prompt, and then I jumped to the correct official login interface of QQ mailbox. This is to make the user mistakenly think that his/her password was entered incorrectly, and then enter the password again. This time, as long as he/she entered the correct account password, he/she would surely be able to log in successfully, so that he/she would not suspect that his/her account has been stolen.

Next, we will carefully analyze what happens when you click Login, and why your number is stolen?
We open the phishing website, then open the F12 review element, select the network, and then randomly enter the account and password, click Login to check the status of network requests.

 Once I identified the phishing website, all the pirated numbers were inadvertently

**The request link is to send the account password we filled in to the server and save it. Then the other party will know the account password you entered. The principle is so simple. We can usually use the domain name of the website to first determine whether it is a phishing website, and then, for the first time, do not enter the correct account password, click Login to see what the response is, and do not scan unfamiliar QR codes.

More network security can be found in my other article《 15 Internet habits are worth your attention, and farewell to being ripped off 》If it is helpful to you, you are welcome to share it with the identity person, and stay away from ID theft**

Article Contents