Malicious URL (unified resource locator) authenticating method and device

The embodiment of the invention discloses a malicious URL (unified resource locator) authenticating method and a malicious URL authenticating device. The authenticating method comprises the steps that a URL contained in the content of a communication message is matched with a preset URL blacklist; if the URL is successfully matched, a risk prompt is generated, if not, the IP address of a sending end of the communication message is matched with a preset IP (internet protocol) blacklist; and if the IP is successfully matched, a risk prompt is generated. The malicious URL (unified resource locator) authenticating method and the authenticating device can remind a user after the user receives the communication message containing the malicious URL. In the technical scheme of the embodiment, the malicious URL can be authenticated without authenticating the website content of the malicious URL, so that the authentication effect of the malicious URL is effectively improved.