Facts About Phishing: An Internet Hacking Technique
What is Phishing? Phishing is a technique of stealing someone confidential information of a person by using some tricks. Types of Phishing:
* Link manipulation: Link manipulation is a most common phishing technique used to steal user name and passwords of email ids, online bank account etc. how this technique works is explained below.
* Website forgery: In this technique, phisher takes victim to a fraud site. He manipulates the address bar of victim's side by running some java scripts or by placing some image over a fake link to misguide the user.
* Phone phishing
According to different surveys phone phishing is spreading its hands worldwide. In this phishing, a fake call is made to a user which is claimed from bank or somewhere. Then user is asked to press account number and pin and they are recorded.
HOW LINK MANIPULATION TECHNIQUE WORKS
Note: I am writing this article for learning purpose only. DO NOT miss use it please. Phishing is illegal.
In link manipulation technique fake pages (duplicate pages) of a site are created. Then these pages uploaded to a personal site. After uploading, links to these fake pages are sent to victim.
Things you need to find out yourself:
* A site where you can upload your pages and it should support php.
* Find a login.php file which can save user name and passwords on your site as a text file.
HOW TO CREATE A FAKE PAGE
* Go to site whose fake page you want to create. Click on file option in menu bar and then click on save page as. Save this file with name webpage on desktop. This will create a folder named webpage_files on desktop and an html file named webpage.
* Now go to saved file (webpage.html), right click and click on open with. Open this file with WordPad. Now press Control key+F key on key board. Type gif in the given space and press enter. You will see that a gif file is prompted. Here you will find some thing like this
The place where I have written 1st part is actually the folder name. Replace it with webpage_files and the place where I have written 2nd part, its file name. Don't change it.
Make it like this
img src= "webpage_files/filename (not to be changed).gif"
Do the same thing with all gif files lying in that folder
* Click on save.
* Now open the site where you want to upload your page. You can find such sites by searching on Google.
* In your site, create a directory with name name webpage_files.
* Open this directory and upload all the files that are contained by the webpage_files folder on your desktop.
* Also upload login.php file in this directory.
* Now again open html file with word pad. Press control+f and type action=. Here you will see a path. Change this path to http://yoursite.com/webpage_files/login.php. Replace yoursite with the site on which you uploaded your files.
* Click on save
* Now come to main page of your site where all directories lie. Upload this html file (webpage.html) there.
* Now you are ready to go. The user name and passwords those are entered are saved in webpage_files directory as a text file.
How to prevent yourself from phishing
* Carefully see the full link of the page you are going to open.
* Do not give your account details on phone without confirming about the call.