In-My-Opinion.org

»A vicious trick to steal your password!«


I just noticed a clever trick how to make somebody type in their password.

1) Find out somebody who is an online affiliate for a product (e.g. for amazon)
2) Find out his username at the company he is linking to. That is easy to do. Just go his website and inspect his affiliate links. In the affiliate link there is usually his affiliate ID or affiliate username. Let's say his affiliate ID is "123".
3) Set up a website that sounds OK (e.g. amazonaffiliatelogin.com) and make a simple username+password login box.
4) Find out his email and send the following text:
Our Affiliate Center has moved. It can now be found at

Please login using your username "123". Your password stays the same.

Now what is so vicious is that the affiliate will not usually suspect that something is wrong.
• Affiliate login pages DO move from time to time
• The email states his correct affiliate ID
• When he logs in, a message will be displayed "We are enhancing our Affiliate Area. Please come back in 3 hours!" or simply "Wrong password" which he will also accept since the email stated that the affiliate area is moving.


Vicious! And brilliant! Beware!


posted by knn
  

in-my-opinion.org -> Technology, Computers, Science, Internet -> Computers and Internet -> A vicious trick to steal your password!
The following post has been deemed OFFTOPIC. Do not answer it and do not quote from it or from parts of it. The reporter (knn) said: "Offtopic"


Within 5 minutes I was able to make a password harvester and send out scripts/software apps to unknowingly change the hosts file to point to my anonymously hosted password harvester.

Obviously being a non-malicious user I only did it to people I knew as a joke Stupid grin

Scary though how easy it is and that can be set up with minimal knowledge and a few VB (or RB) and PHP tutorials.

posted by nthdegree
  

The following post has been deemed OFFTOPIC. Do not answer it and do not quote from it or from parts of it. The reporter (knn) said: "Offtopic"

PHP is a toy language for kids.

posted by Master_Hacker
  

Welcome script kiddies


Master_Hacker:
PHP is a toy language for kids.

And look at the kids it attracts White laugh


posted by Marl64
  





Reply to topic






RegisterRegister
Log inLog in
 		The time now is 6 October 2008, 20:11
php B.B.