WEB-FORGERY : HOW SAFE WE ARE ON NET
Continuing the legacy of internet security write-ups for Freefeast family, here is the small write-up on Web-Forgery, one more effort from our side to bring this phishing attack into the lights today.
Before starting with web-forgery, I would rather start with forgery, which as per the sources is defined as “The process of making, adapting, or imitating objects, statistics, or documents with the intent to deceive”
The basics remain the same, just the deceiving idea here goes online!
In this,the flaws in the script of actual sites are used for deceiving purpose, wherein the user lands on the original website, and the script which is running on website is manipulated by the hackers by means like placing a picture of a legitimate URL over the address bar, or by closing the original address bar and opening a new one with the legitimate URL.
For Non I.T Visitors: Scripting is the extended programming, which is done for dynamic input/output flow of operations with the users. It is based on the inputs and directions given by users.
The hackers are not only confined to this, when the anti-phishing softwares/plug-ins were thrown in market, which were capable to catch phishing text on the sites, they now use flash based sites, wherein the text is embedded in some form of multimedia content which is skipped by text detectors.
However in this malicious games of “black-hats” we also do have the “white-hats” who are Ethical Hackers and who cater to such types of attacks daily.The technology is advancing and so are they ! Latest updated and upgraded Anti-Phishing softwares / services are smarter than before, and easily catch such practices of hackers.
All we need is the basic knowledge, alert mind-set and frequent updating; we can drive this vehicle called technology very far, ofcourse with a little caution!