Short Guide to Phishing WebSites Attacks

Lately there have been many scams carried out through phishing sites. The best known was a fraud on Facebook that compromised over 18,000 usernames and passwords. Here is an explanation of what phishing sites actually are. If you want more info, read here about phishing.


What is Phishing?!

A phishing site is a web site, or a copy of a real web site, that asks for input data such as a username, password, email … and keeps it in a .txt file that the creator of the phishing page has access to. If you have already entered your details on a phishing site, immediately change your password, or eventually your username.

[Figure: Phishing flow diagram]

How does Phishing work?

Phishing spreads through emails or messages on social networks with content such as “Look at this picture [link]”, “Send free SMS [link]” … The link leads to a site that asks you to give information (usually a web site that belongs to the creator of the phishing page).

[Figure: Scheme of a phishing attack]

What Does a Phishing Site Look Like?

As I said above, the web site looks like the original, real web site, for example PayPal, RapidShare, Facebook … Some ways that hackers use to send a phishing link are: often they send an email with a short text and a link, for example “Click here” or similar, or they use an instant messaging service with words like “Look what I found [link]”, “See the picture [link]” …

Many phishing sites use domains similar to the originals, such as Facebook.tk, Faceb00k.com or Rap1dshare.com, using numbers rather than o or i.
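
The digit-for-letter and wrong-ending domains described above can be checked mechanically before a link is opened. The following Python is an added example, not part of the original article; the brand list, the substitution table and the function names are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list (assumption): brand label -> its genuine domain.
KNOWN_SITES = {
    "facebook": "facebook.com",
    "rapidshare": "rapidshare.com",
    "paypal": "paypal.com",
}

# Digits often typed in place of letters; "1" can pass for "i" or "l".
SUBSTITUTIONS = {"0": "o", "1": "il", "3": "e", "5": "s"}

GENUINE = "genuine"
OTHER_DOMAIN = "brand name on a different domain"
DIGIT_LOOKALIKE = "digit look-alike"
UNKNOWN = "unknown"


def reads_as(label, brand):
    """True if label spells brand once look-alike digits are read as letters."""
    if len(label) != len(brand):
        return False
    return all(c == b or b in SUBSTITUTIONS.get(c, "")
               for c, b in zip(label, brand))


def check_link(url):
    """Return (verdict, genuine_domain_or_None) for the host a link leads to."""
    if "://" not in url:
        url = "http://" + url  # bare "faceb00k.com/x" still needs a host part
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    for genuine in KNOWN_SITES.values():
        if host == genuine or host.endswith("." + genuine):
            return (GENUINE, genuine)
    # Check every label so "facebook.com.evil.example" is caught as well.
    for label in host.split("."):
        for brand, genuine in KNOWN_SITES.items():
            if label == brand:
                return (OTHER_DOMAIN, genuine)
            if reads_as(label, brand):
                return (DIGIT_LOOKALIKE, genuine)
    return (UNKNOWN, None)


if __name__ == "__main__":
    for link in ("https://www.facebook.com/login", "http://Faceb00k.com/",
                 "http://Rap1dshare.com/files", "http://Facebook.tk/"):
        print(link, "->", check_link(link))
```

An "unknown" verdict only means the host resembles none of the listed brands; it says nothing about whether the site is safe.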

[Figure: Phishing attack in action]

How to see if a web site is genuine or a fraud?

  • Verify the name of the web site to which the link leads, and the email address from which you received the link, and whether it has anything to do with the web site to which the link leads.
  • Look at the secure site login page.
  • Check whether the login page has an SSL certificate. Many sites have certificates (example: https://facebook.com/ or https://twitter.com/); if you do not see any certificate on the login page, it means that the site is a scam.
  • Open View Source in your browser and look for the text “method”, without the quotes.
  • The result should be something like method = “get” (if method = “post” then it is NOT a phishing web page. It IS a phishing web page when the syntax is method=“Get”).
  • Also look for the text “action”, without the quotes. This is used less than “method”. If it is there, it will look like action = “NameOfFile.php” (example: if it looks like mail.yahoo.com/…. then it is NOT a phishing site).




I hope this article will help you NOT to fall for the frequent phishing attacks, where you can lose a lot of important data, and not only that.