Underground – Password Phishing

Phishing is a method of obtaining sensitive information such as usernames and passwords by pretending to be a trusted website. Tehdead shows us a variety of password phishing techniques that enable an attacker to trick a user into giving up their login information. The first step is to create a fake login identical to the login on the trusted website. In order to not raise suspicion, Tehdead explains two methods to capture the victim’s password and then transfer them to the real website. One method is to sumbit the information to a php page that is disguised as a pop-up advertisment, and the other is to send the username and password to a simular php page that is contained in an iframe. Lastly, Tehdead describes how to use link manipulation with BBcode to social engineer a victim into going to the fraudulent website.
Download Here

If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com