| Mobile| RSS

Underground - Password Phishing

martes, 16 de diciembre de 2008 | Tags: | 0 Comentarios

Phishing is a method of obtaining sensitive information such as usernames and passwords by pretending to be a trusted website. Tehdead shows us a variety of password phishing techniques that enable an attacker to trick a user into giving up their login information. The first step is to create a fake login identical to the login on the trusted website. In order to not raise suspicion, Tehdead explains two methods to capture the victim’s password and then transfer them to the real website. One method is to sumbit the information to a php page that is disguised as a pop-up advertisment, and the other is to send the username and password to a simular php page that is contained in an iframe. Lastly, Tehdead describes how to use link manipulation with BBcode to social engineer a victim into going to the fraudulent website.





Full Scale Video Here

Download Here

0 Respondiendo

Publicar un comentario

Ciber Protesta

Blog Archive

Labels

Blogumulus by Roy Tanck and Amanda Fazani

Twitter