What’s phising? Wikipedia has a really detailed explanation on this very word, and so I save myself from explaining it too much. To me, phising is a method that hackers use to trick people into entering their sensitive credentials onto a fake website that made to look like a real one, and after the victims being tricked, usually the hackers got what they were after such as a bank password.
Why am I talking about phising? Well, on this post, I’m not trying to talk about phising in general, because there are countless of phising attacks that hackers know and use them. Nonetheless, most phising attacks usually depend on a user’s carelessness from the start, and one example would be an email claimed to be a bank email with a malicious link which led to a fake website made to look like a real bank website.
Even worse, there is a new phising attack that uses Javascript to infect your browser somehow, and then it changes a legit website into a fake website when you’re not looking. As a user opens more than one browser tab, an malicious Javascript automatically changes one of the browser tabs into a malicious website made to look like a real website such as Gmail, and in combination of attacks add on top of this very dirty phising attack, a user can be tricked into giving out his or her sensitive credential.
All phising attacks that hackers use are stuffs of nightmare, and this one is no different. This is why I love to use Firefox with Noscript plugin. This plugin has worked wonder for me as it stops all Javascript from working unless you allow certain portion of website to do so. To end this post with a doubt, I could be very wrong of how this phising attack works its dirty magic, because I’ve got to know this scary phising attack from reading it here. Feel free to correct me on my lack of understanding about this phising attack, and don’t go try this, or else you’ll be in a world of hurt as in being locked up by the FBI or whatever enforcers that would go after hackers.
A New Type of Phishing Attack from Aza Raskin on Vimeo.
Vinh Nguyen
