Embodiments provide a malicious website address prompt method and a router. A router acquires a target website address in a network access request in access of a user terminal, determines whether the target website address is a malicious website address, and if determining that the target website address is a malicious web site address, sends prompt information of intercepting the target website address to the user terminal. Malicious web site address intercept software does not need to be installed in the user terminal, and the security of Internet surfing of a user is improved in a case in which the malicious website address intercept software cannot be installed in the user terminal or is not installed by the user.