Phishing (phishing, from fishing - fishing, fishing) is a type of Internet fraud in which an attacker tries to obtain confidential user data in any way possible: login / password, full name, phone number, passport data, etc. In addition to standard phishing, there is also a variant of it - vishing (from the English Voice phishing). Using vishing, attackers use voice communications and social engineering to try to get users' bank card details or any other confidential information. Vishing is also a fairly popular method of obtaining confidential data, but today we are talking about the classic version.
Why phishing is dangerous
, . , . . . , . , . ( , ..), .
โ , , , . .
- Roundcube
, โ , . , . - , , .
, , pentestit.ru, Return-Path, , , .
, , , , .
. curl .
. , , .
, , . , "Sign In". , :
, JSON :
, @ :
windows.location.replace("http://www."+my_slice)
my_slice, :
, - , . new injection .
?
, , , ..:
. , , . , . , pentestit.ru penteslit.ru , . , , 2ip.ru. , ;
. , , , . , , , , - .. Return-Path, , . , , 4 , ;
. , , . , . , , Dear Friend email- , . , . , .
.. ยซยป . , . , , Pentestit โ . , , .