Introduction to Phishing E-mail
What is Phishing Emails and how it works?
I am sure that you all must get some emails saying that you have won lotteries or might be you got first price in something.
These Emails are called Phishing email.
Let’s take a look of it: -
On the top image you can see, how it looks like.
The purpose of Phishing emails is to get sensitive information from the victims.
To get the information Hackers can put phone number on the email asking to call on this number to make your account safe and secure once again and while the victim will call on that number they will use their skills to get as much as information possible from the victim.
The second way is that they can provide a Phishing website link as on the top image, when the victim goes to this link and put his user name and password that will be transferred to Hacker and they can use this information the way they want.
As you can see it’s very simple, Just right down an email send it to somebody and wait till he/she will get trapped but this is not the way hackers use. They do not send it to 1 person and wait till he/she will get trapped. They send it to a group of people and for this they use a simple php script.
Let’s take a look of the script:-
mail('firstname.lastname@example.org', 'Your Email Has been Hacked!', 'This is to inform you that your email has been Hacked, to make it safe and secure again, please call on 000-000-000 or go the link www.abcdef.com/index.php', 'email@example.com: ---')
Now on the top you can see a simple php script in which a email is going to firstname.lastname@example.org (victim) the subject of the email is “Your Email has been hacked” after that we have the body. You can see in this email hacker has provide the link and the phone number both after that you have a from address from where this email come.
And if you are a php programmer you can easily link a database full of emails with this php script instead of victim address it will be send to the whole group of emails you have in database.
So this was just a demonstration how this thing works and after making that script you just have to upload it into your web server and just call it.
The best way to prevent or be safe secure against this type of E-mail scam is never clicked on any unwanted link provide by the email.
As you know this is only for learning purpose and this is completely against the Law however if you want to just do a practice so you can do it own yourself but if you are doing it to third person you are breaking a law.