Phishing Attacks

Phishing is a type of Internet scam which is used to acquire a users sensitive information by deception. It includes theft of usernames, passwords, credit card number, bank account details and other sensitive information. These days phishing attacks are getting very advanced in their exploitation of social engineering techniques. So in this post I am going to tell you how phishing works and how to prevent yourself from being a victim of a phishing attack.

About Phishing

Phishing technique was described in 1987. It is a attack to acquire sensitive information from user such as usernames, passwords, credit card details and other information too. In Phishing a Hacker creates a fake website which looks similar to legit website. The age of a phishing site is nearly 4-5 days but some advanced phishing sites can stay online for long.

How Phishing Works?

Phishing Emails are sent blindly to thousands of people around the world. Suppose you are checking your Emails and you find a Email from Facebook support team asking you to login on Facebook for confirmation of your account and they have provided a link which is like http://fbxyzconfirmation.xyz. 

So when you follow the link a new webpage similar to Facebook webpage will open and then when you login to that page. Your password and email has been sent to the attacker and you'll be redirected to another page.

Only For Educational Purpose

How Hackers Create Phishing Webpage? ( Example:Facebook)

• For creating a phishing page Hacker needs 3 types of files which are HTML file, PHP file and txt file.
• Now For creating this HTML file you need to go the the desired login page and right click -> View Page source -> Select All-> Copy All-> Paste in Notepad 
• Now After you page the html in the Notepad you have to edit it. you have to replace the login attempt ling to pass.php
• Now you have to write codes for a php files which will redirect user to another site and sends the email and password of victim to your site.
• The third txt file will be created automatically when the user login to the site.
• Now you have to upload these files to a hosting server and the Phishing site is ready.

How to Prevent yourself from being a Victim of a Phishing Attack?

• Beware of the links in email.
• Even if the email is sent from a big company first check the details of email. It can be sent from a email spoofing site.
• Check the grammar and Spelling in the email because a cyber criminal is not known for their grammar but a big organisation or a company will have a editors who will not allow to send these kind of mass emails to users.
• Phishing Attackers most of the time sends you threat that your account would be closed if you didn't confirm or click on these links.
• Phishing attackers might also send you graphics which looks legit but make sure to check every email details
• If you find some suspicious link in your email or inbox do scan it with anti-virus URL scanner sites such as Virus Total
• If you are suspicious about a link then for the first attempt enter wrong password and then enter the right one after you fail to login.

Related Post

You might also like How Hackers hack your Facebook account? In this post I've explained what are the attacks a hacker can use to hack your facebook account, How to secure yourself from being hacked and what are the measures to be taken from being hacked.

Conclusion 

In this Post I've Tried to explain you what phishing is but this is all for educational purpose do not try to use this attack on other as it is not legal. If you have any question regarding this post or need any other additional information do comment below or write us.