Social Engineering Phishing
06 Feb 2019This page is intended to show how I do during a social engineering phishing in EECS3482 at York University. This is not going to record any of the data you put in the form.
The process is simple, just download the whole page and modify the form. and it is done. It requires some HTML skill to understand how it works.
This is kind of attack that trick user put their password into a fake login form. And you will see your password in the URL bar in this case. That way, the attacker will record the password and find a chance to steal your account.
There are many ways to prevent. Simply look closely at the URL. Does it look different or is it SSL protected with a green lock and the name of the company.