
Saturday 27 December 2014

WHAT IS A PHISHING PAGE?

What is Phishing?











Phishing, in its simplest sense, is a way of 'fishing' out a user's login details for a website. A phishing webpage looks very similar to the real website but has other motives behind it. For example, this is a webpage that looks exactly like Facebook; when you click on Sign In, it sends you to another webpage, /login.php, which quickly collects the username and password you typed and then redirects you to the original Facebook website.

Most users wouldn't notice this in the URL; they would overlook it and assume they had entered the wrong credentials. When they enter them the next time, they simply log in without any hassle, as they are now on the original website, without even realizing that the password has been stolen!

Demo: http://bragtools.com/phishing-demo/
Stored Data: http://bragtools.com/phishing-demo/passwords.txt

How can I protect myself?


Usually phishing involves stealing personal data such as the ones below.

  • Usernames and passwords
  • Social Security numbers
  • Bank account numbers
  • PINs (Personal Identification Numbers)
  • Full credit card numbers
  • Your mother’s maiden name
  • Your birthday




There are several ways through which this attack is launched.

Emails - Mostly through emails with fake sender information, using the technique called Anonymous Mailing. For instance, with anonymous mailing, I could send a mail from billgates@microsoft.com right into your inbox and you would actually believe it to be true. It would look very legitimate and say something like this:

"Your Password has to be reset, please follow the link ("Phishing Page") to confirm your username and password."
Though such mails look very convincing, it is important to cross-check the sender's email address and report such a phishing attempt immediately.

Courtesy: Wikipedia.com


Chats - Chatting online in chat rooms or on Facebook with strangers can potentially compromise your computer in a number of ways. Unsafe links such as 'check out my xxx pics' have been shown statistically to be used often against teenagers. Therefore, not opening links without a proper understanding of the website they lead to can help you protect your account.

HTTPS - Always look for HTTPS on the website; it ensures safe passage of information from your computer to the website. This matters especially for websites that involve credit card and bank information.

Falsifying Details - You can always be extra sure by entering fake login details and seeing how the webpage responds; if it quickly redirects you to another website, then you can be sure that you dodged a phishing attack.
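
The URL and HTTPS checks described above can be automated. The following is an added example, not part of the original post: it flags a login page whose own address, or the address its password form submits to, is not HTTPS on the expected domain. The function names and the example.test hosts are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class PasswordFormFinder(HTMLParser):
    """Record the action attribute of each <form> that holds a password field."""
    def __init__(self):
        super().__init__()
        self.action = None   # action of the open form, None outside a form
        self.actions = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.action = attrs.get("action") or ""
        elif (tag == "input" and self.action is not None
              and (attrs.get("type") or "").lower() == "password"):
            self.actions.append(self.action)
            self.action = None   # record each form once

    def handle_endtag(self, tag):
        if tag == "form":
            self.action = None

def host_matches(host, expected_domain):
    """True only for the expected domain itself or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return host == expected_domain or host.endswith("." + expected_domain)

def check_login_page(page_url, html, expected_domain):
    """Return a list of warnings; an empty list means no red flag was found."""
    warnings = []
    finder = PasswordFormFinder()
    finder.feed(html)
    # Check the page itself, then every place a password would be sent to.
    targets = [("page", page_url)]
    targets += [("password form", urljoin(page_url, a)) for a in finder.actions]
    for label, url in targets:
        parts = urlsplit(url)
        if parts.scheme != "https":
            warnings.append(f"{label} does not use HTTPS")
        if not host_matches(parts.hostname, expected_domain):
            warnings.append(f"{label} host is {parts.hostname}, not {expected_domain}")
    return warnings

# Constructed sample markup; example.test hosts are reserved placeholder names.
LOGIN_FORM = '<form action="/login.php" method="post"><input name="email"><input type="password" name="pass"></form>'

if __name__ == "__main__":
    for url in ("https://www.facebook.com/", "http://facebook.com.example.test/"):
        print(url, check_login_page(url, LOGIN_FORM, "facebook.com"))
```

An empty list only means these two checks passed; it does not prove the page is legitimate.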
