Tuesday, October 02, 2012

Phishing

The first documented use of the word  "Phishing" took place in 1996.Most people believe it originated as alternative spelling of "fishing",the idea being that bait is thrown out with hopes that while most will ignore the bait,some will be tempted into biting.

  So what is this Phishing all about?.One day you find a email from Facebook saying "Suspicious activity has been identified regarding your account.Please login with this link and change your password and verify your details immediately".Let us assume that a Mr.X uses that link and updates the password for his Facebook account.The next day Mr.X tries logging in and finds that the username and password does not match.Such a scenario can happen to anyone sitting across the internet.It could be you.

Formally defining,The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. Phishing is a social engineering technique used to deceive users and exploits the poor usability of current security technologies.All online accounts are vulnerable to this threat and can be hacked.

To understand the importance of this Phishing, try  hacking your friends gmail account.
Step 1: Download the Phishing pages of gmail. Phishing page means HTML page mimicking the gmail page.
Step 2: Upload the file in your server.
Step 3: Send the link to your friend.
Step 4: Your friend uses the link to login and verify his password.
Step 5: Through a backend PHP file the password is stored in log.txt.
Step 6: Congrats. You have your friend's password.

For detailed steps and download click here .

Note: This is just for education purposes to protect your own accounts from getting phished because phishing can go to the extent of accessing your bank account and password.

Stay tuned.

0 comments:

Post a Comment