What is Phishing Emails and how it works?
I am sure that you all must get some emails saying that you
have won lotteries or might be you got first price in something.
These Emails are called Phishing email.
Let’s take a look of it: -
On the top image you can see, how it looks like.
The purpose of Phishing emails is to get sensitive
information from the victims.
To get the information Hackers
can put phone number on the email asking to call on this number to make your
account safe and secure once again and while the victim will call on that
number they will use their skills to get as much as information possible from
the victim.
The second way is that they can
provide a Phishing website link as on the top image, when the victim goes to
this link and put his user name and password that will be transferred to Hacker
and they can use this information the way they want.
As you can see it’s very simple,
Just right down an email send it to somebody and wait till he/she will get
trapped but this is not the way hackers use. They do not send it to 1 person
and wait till he/she will get trapped. They send it to a group of people and
for this they use a simple php script.
Let’s take a look of the script:-
<?php
mail('abc.abc@abc.com',
'Your Email Has been Hacked!', 'This
is to inform you that your email has been Hacked, to make it safe and secure
again, please call on 000-000-000 or go the link www.abcdef.com/index.php',
'abc@bank.com: ---')
?>
Now on the top you can see a simple php script in which a
email is going to abc.abc@abc.com (victim)
the subject of the email is “Your Email has been hacked” after that we have the
body. You can see in this email hacker has provide the link and the phone
number both after that you have a from address from where this email come.
And if you are a php programmer you can easily link a
database full of emails with this php script instead of victim address it will
be send to the whole group of emails you have in database.
So this was just a demonstration how this thing works and
after making that script you just have to upload it into your web server and
just call it.
The best way to prevent or be safe secure against this type of E-mail scam is never clicked on any unwanted link provide by the email.
Warning:-
As you know this is only for learning purpose and this is
completely against the Law however if you want to just do a practice so you can
do it own yourself but if you are doing it to third person you are breaking a
law.
No comments:
Post a Comment