处理钓鱼诈骗网站

[happypeter]

我们可以做一期视频，内容是，如何辨别和处理钓鱼诈骗网站，强调安全性问题

[happypeter]

我的微博收藏了阿彪的一个关于钓鱼的微博

[happypeter]

百度一下有很多材料。

禁用网站 js

如果网站的 allow-origin: * 那么确实有被人植入 js 代码的危险。 研究一下 rails 的 http://en.wikipedia.org/wiki/Cross-site_request_forgery

注意 url 的细微变化

这个好执行，看看百度的排序就知道了，排在最前面的肯定没问题，不然早就被举报了

[happypeter]

假基站可以更换电话号码的指向 假的 DNS 当然也可以把正确的网址指向陷阱网站

[happypeter]

http://ruby-china.org/topics/16322

[happypeter]

收到一封邮件

Dear User:
WARNING: BE INFORMED THAT DUE TO HIDDEN FILES ON YOUR MAILBOX, YOUR GMAIL ACCOUNT WILL EXPIRE SOON.
To prevent an interruption with your Gmail services, please take a few moments to update your account by filling out the verification and update form immediately.
CLICK ON THE LINK BELOW AND PROCEED WITH YOUR EMAIL LOG IN TO UPGRADE AND PROTECT YOUR GMAIL ACCOUNT FROM CLOSURE.
Click here to secure your account
Thanks for your understanding. Gmail Team

http://joyfulwedding.net/verify/Gmail/Gmail.htm 要我输入用户名密码

[happypeter]

[happypeter]

他们录成动画了，挺好的 http://knewcoin.com/episodes/37