Fake login pages are on the spree as more and more people are into stealing passwords and credit card info. Somebody will somehow make you visit a site that will look exactly like your email website or your banks online transaction portal. You type in your details to login and all your info is stored on the fake server. Plus, in order to avoid suspicion, the fake page will redirect you to the original website after capturing your information. Now you think you are into your trusted website.
You log in to your bank account again tomorrow. And balance is ZERO. Sometimes your balance can be negetive too, if your bank gave you special privileges for opening your salary account there.
Let’s see an axample:
Following are two different screenshots. One showing actual Gmail page and the other showing a fake website. You (neither I) can never suspect anything fishy from the look and feel of the site.
And the fake site:
Then what do you do? Some one might earlier have told you to look at the site url in the address bar. And you look there. It shows: https://www.gmail…….. and you didn’t have time to read the full url. Check it again now.
Now the fake url:
If you notice it closely, you will see this is a subdirectory (i.e. simply a folder) inside website called 9p.com and the subdirectory name is www.google.com.accounts.ServiceLogin. See the folder below:
So next time you RECEIVE some links from somebody and it looks like your favourite site, be careful to check what is before the first “/” after www. This “/”character is not allowed as directory name. So whatever you see just before the “/” is the actual website you are going to access. And do post the fake urls here to warn the general public.
It’s time to tell them go get a life than stealing others’ hard-earned money.