Explaining phishing to newbies - Protect your Facebook


What is phishing?

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to fool users,and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

Basic Concept of Phishing:-

Recently we posted a tutorial on how to do Tab napping (learn here) and discussed there the use of phishing pages. So, we are demonstrating that how phishing is done to aware you all. We will show you a facebook phishing page and a general description of the method on how to make such page.

Note : All this is for awareness and educational purpose. Don't be crazy enough to fool innocents. Furthermore, we won't share specifics as it can fall in the wrong hands.

So, the hacker makes an exact copy of the facebook, orkut, yahoo, msn or any other bank sites login page and then he uses a script to get the password and username and embeds that script in the forum of the login field. 

So! the basic scheme of phishing is demonstrated by pictures in case of facebook original login page. See the pic below :
Thats the orignal source code of facebook login page and when we login our action is sent to the url written next to the highlighted portion. Notice the domain name, it's original facebook.com

Note : A good way to detect phishing is by noticing the domain name in the action field. If it's real then you are safe.

What hackers do they copy all he source code of facebook phishing page and replace this url with their own exploit. For this example, we have given this exploit with the name of write.php in the download package. So, it will become as below :
And thats it Login forum is now attached with exploit. Thats the basic concept. The write.php takes the input fields data when a person tries to login to his facebook without realising that he is using a fake website rather than the original.

How hackers make this process possible:-

1.First of all they will need a free hosting.

2.Now, they will need to upload the script files to their fake website. Additional Promotion: For uploading use Filezilla I too like this open source software for handling ftp servers.

4.Now! both files are uploaded and they have to send your hosting or fake website link to the victim [ (Use social engineering to fool him/her, Shorten the url]

5.Victim opens the page and thinks that its a real facebook page and logins there. So his keystrokes will be recorded in the hackers which he chose at step 1 in a .txt file. 

6.Another trick for sending the Url is by email spoofing. ( Read Detailed article on Email Spoofing here.) In email spoofing they hyperlink the phishing page link with facebook.com and then by using social engineering you will excite victim that login below to earn instant dollars or else your account be deleted Blah Blah! Stay safe, greed is curse.

How to remain safe from phishing attacks:-

Main help is your eye. Keep an eye at browser Address bar. and check isn't there any url like:
www.facebook.t35.com or www.facebook.110mb.com or www.fakefb.110.mb etc...

Use an updated version of  browser and it will detect phishing script.

Use nod 32 or any other good antivirus. I have posted a free Nod in my Site Search it.

Update:- Read tutorial on new kind of Phishing "The Desktop Phishing":-

Hackers use another method to redirect original website i-e Facebook to their fake website:- Remain Safe from Desktop Phishing - A Silent Phishing Technique In this technique hackers have a physical access to your computer.