DarkMindZ Articles

Phishing for Dummies



written by ClownFish

Phishing is...

Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets.
Phishing is typically carried out by email or instant messaging, and often directs users to enter details at a website, although phone contact has also been used. Phishing is an example of social engineering techniques used to fool users.

That's the Wikipedia explanation.

From the victim's view it's no more than this:
- The victim gets an e-mail from someone
- It's a normal e-mail, but somewhere in the mail the victim is asked to click on a link
- Most of the time it's this kind of link:



<a href="http://40.32.567.12/live.php" target="_blank">http://login.live.com</a>




- The victim clicks on the link and thinks he has to log in on that website before he sees the 'real content'
*the victim doesn't know that he isn't on "login.live.com" but on "40.32.567.12/live.php"*
- The victim fills out the form, and also gives his MSN password
- Then nothing happens and the IE or Firefox window closes.

This is a very classic example of phishing.
I'll explain the steps you are going to take when you want to get a password, credit card number or something like this from your victim:

First you should know what you need:
- A webhost, and the IP address of this host (don't host it at home!! that's too dangerous)
- An e-mail address which seems to be very normal, like firstname.surname@gmail.com
- A simple e-mail script
- Photoshop
- Photoshop knowledge
- PHP knowledge

Maybe you say... why do I need an e-mail script... well, you want to send these things to your e-mail, right? ;)

- First make a screenshot of the login.live.com website
- Import that into Photoshop, and remove the things that shouldn't be shown on the website that your victim is going to see
- Cut the form out of the image so we can put our e-mail form there
- Slice the image in Photoshop so you can use the "Save for Web" option in the File menu, and save it as an HTML page.
- In that HTML page place the code of the e-mail script, and give your e-mail address as the target of the mail.
- Place the page on your host
- Send your victim a mail like:



Heey dude,
Long time no see! Do you remember me? From that holiday about 4 years ago? I guess it was you, I have a few pictures of that vacation of me with you. Watch them here: <a href="yourip/yourscript.html">My Windows Live Space</a>.

I hope to speak to you soon!
Greets,
John Doe




This is just a very simple example of how it could be done... it's not really hacking, it's just testing the stupidity of the victim. Doing these things isn't legal, so be careful with it, especially when phishing for things such as credit card numbers. So never ever ask how to get someone's MSN password, now you know it!

Submitted by:  ClownFish

User: D3F4C3R
Comment:
good tut for a beginner... I don't know about the photoshop bit, but new techniques are always good ;)
User: ClownFish
Comment:
well yeah photoshop is (in this article) just a tool to make the site look like the original...