Phishing and Reporting a Phishing Website

Phishing- This is The Big Time Headache For the Entire Web. Like Me and You, Everyone across The World can be Victims of Phishing Scam.

What is Phishing?

Phishing Website is nothing but a Fake Website Which is made to Appear as a Authorized/ Popular Website, Just To Grab your Personal, Login Related Information.

Why does one design a Phishing Website?

A Hacker would Generally Design a Phishing Website. In General, The Login Pages of Popular Sites like Facebook, Gmail, Orkut, Twitter are Faked by an Hacker.

A Phishing Web Page will be 100% Similar to the Original One…
By Faking a Page, Hacker Could Easily gain account sensitive information like Passwords, Credit Card Numbers PINs and others without your Knowledge!

phishing

How does a Phishing Website Work?

Building a Phishing Website is not a rocket Science. Even I, You, and The Person who is now going on Street could easily develop a Phishing Website. Within Minutes!
A Hacker will First Fetch the Source of The Login Page of Some Popular Websites, like Online Bank Websites, Social Networking Sites and also The Pages which ask for your Credit Card Information etc..

The Hacker Identifies the html form Tag in The Page…

Just for an example… Here is How the source code of Login Page would Look like:

<form action=”AUTHENTICATION PATH” method=”GET”>
Username <input type=”text” name=”username”>
Password <input type= “text” name= “password”>
<input type=”submit” name=”submit”>
</form>

How Does a Hacker Manipulate This Code and Turn This into a Phishing Site??

The Hacker Will be Manipulating The Original Login Code Like This

<form action=”HACKERS PATH” method=”GET”>
Username <input type=”text” name=”username”>
Password <input type= “text” name= “password”>
<input type=”submit” name=”submit”>
</form>

Hacker Just Changes the AUTHENTICATION PATH to his own Path HACKERS PATH in The Field “action” in the above shown code.. Now what Happens? The Information You entered LIKE “username” and ” password” will be sent to HACKERS PATH… A Basic Script which stores your login Information which is present in “username” and “password” field.

The Hacker Hosts This Manipulated Code on his website. This Manipulated Login Page when Hosted on server under Certain URL is nothing but a Phishing WebPage. Whatever Information Entered in Phishing Page will be Known to Him!

So a Hacker Generally Passes This Link to Everyone on The Web by Spamming or Individually Targeting his Enemies. Hacker Beautifies the Phishing Site URL further like… facebook.hackerssite.com/login.php or hackersite.com/facebook , Since The Hacker uses Similar Phrases in URL like facebook while hacking a facebook account… There are Very Low Chances That People could Recognize That The Link they are Viewing is a SCAM site or PHISHING Site.

The Hacker would Generally Sends a Message Leaving a link.

Hi I saw your Photo is That You?? http://PhishingSiteLink.com.

Here is How I was about to get Trapped.. When I saw a Direct Message from an anonymous Person in Twitter Inbox.. The Tweet Looked liked This…

Phishing Link

I Clicked on That Link….Expecting That He Might have Seen Me SomeWhere.. As Soon as I Clicked on the Link.. it Showed me a Twitter Page to Login…

Phishing Twitter

Thank God! I observed The Address Bar, Which was Other Than twitter.com! See The Address Bar in Screenshot.. That was Not at all a Twitter URL!

Fortunately, I was Not hacked as I didn’t Fill That Fake Twitter Login Page..

How did I report a Phising website?

Google Runs a Program where You Could Report The Fake Websites Like This [Phishing Sites] ..You Need to login for Google Safe Browsing and Mention The Found Phishing Site URL along with your Comments.

google Report for Phishing

If Your Report is appropriate. Google Flags the Website Showing a Warning Message on Phishing Page Informing Users about Possible Threat. Google Pops up in the The Site saying is a Phishing WebSite.
pop

How Do I identify a Phishing Website?

One Easy way is To Observe The Address Bar of any Website where you [Login] enter Sensitive Information like Username and Password. Authenticate yourselves only on Authorized and Original Web Pages.

Learn More About Phishing Here

Fight Against Phishing Sites By Reporting it to Google.
Join The Anti-Phishing Groups in helping To Trace The Phishing Sites on Web.

Have you been the Victim for a Phishing Scam? What Measures do you take to Prevent yourself entering a Phishing Site?