About Phishing Sites

Posted under Microhierax Blog | Share this on Yahoo Messenger

Digg this Post | Sphinn this Post | Add to Delicious | Add to Technorati | Add to Propeller

About Phishing Sites After years of working on different servers for several clients and maintaining a email scam alerts site, I came to realize that some if not all websites having these Phishing pages are victims from hackers trying to exploit the servers.

One cause could be the coding used by websites such as unsecure PHP scripts and file permissions. Some of the sites I have worked on have been hacked and hackers upload their own files that they use to send out mass email scams and phishing sites. Another cause could be the servers themselves are not secure enough to become a web server.

The typical files loaded to the server are: a mail form (either PHP or ASP), fake html pages of a site with login form, images used for the fake site and a sendmail form to send all the login details entered to the fake site. These files are uploaded and scattered everywhere on the site’s server so make sure you delete all of them once your site gets hacked.

Some phishing sites do actually look like the real site, the only difference is the domain name. One example would be this: The real site is https://www.securedomainwebsite.com/login.php and the fake site is http://securedomainwebsite.com.anothersite.com/login.php.

Monsters.com recently sent out an advisory on how to detect a phishing site. Here are some examples.

In essence, if you own a website, make sure all the scripts used are secure & get a stable web hosting services from popular and reliable companies, and if you have several accounts to financial sites, always use a secure browser & Internet connection.

Check my other posts:

View Blog Archives: Click here

About Phishing Sites

Leave a Reply

ALSO READ

I RECOMMEND

CHECK THESE OUT