Next Gen Phishing Attack


 Next Gen Phishing Attack

 

what is phishing attack ?

Phishing attack is to attempt to steal the sensitive information like username , password credit or debit card details

How its working ?

Generally phishing attack works by copying the source code of the website example www.gmail.com. And attacker needs to change the action of the pasted code to attacker website to store the sensitive information of the victim 

Step 1 : open www.gmail.com

Step 2 :  right click -> view source code - > select all -> copy and paste it in notepad and save it in desktop name it as attacker like. Example : index.html

Step 3 : open the index.html , search for
and change it to

Step 4 : Upload into any hosting provider or own server. share that ip or domain name to victim . once victim tries to login password will be store in http://attacker.com/password.txt

 


Snapshot shows that how the attacker steal the password of victim using phishing method old one. Attacker have to share the IP address of the server or domain name to victim , if the person aware of phishing then he/she wont login .

What is URL Data Scheme 

The data URI scheme is a URI scheme (Uniform Resource Identifier scheme) that provides a way to include data in-line in web pages as if they were external resources. It is a form of file literal or here document. This technique allows normally separate elements such as images and style sheets to be fetched in a single HTTP request rather than multiple HTTP requests, which can be more efficient. source from Wiki

Format

data:[][;charset=][;base64],

open your index.html code and paste in below link to convert to base64 conversion 

https://ostermiller.org/calc/encode.html

 data:text/html;base64,

then place it in your browser and see 


Be aware of new type of phishing protect your self against phishing.