Desktop Phishing
Desktop Phishing is more advanced method form of phishing attack. In a simple Phishing Attack, attacker convinces the victim to click on a link which contains a fake login page, the victim then enters his credentials such as user names and password in the fake login page that goes to the attacker etc...
In Desktop Phishing, attacker just replaces some text in the hosts file which is located in Windows directory of our victims computer. The attacker does this by sending a executable or a batch file and convinces the victim to click it, Now whenever the victim visits the real website like paypal.com He is redirected to the attackers phishing page But the domain name (paypal.com) remains the same as typed by the victim and the victim doesn't come to know that it is a fake page, thus this type of phishing attack has very good success rate.
Tab-Napping
Tab Napping is quite new hacking trick through which you can't directly hack accounts. But if you use phishing methods combined with tab napping, then you can hack accounts. Actually Tab-Napping is a script which you put into a site/blog and when the user visits your website/blog and reads your articles, plays games or watches videos, then the user goes to other tab in browser which contain other websites like YouTube, Google etc. and comes back to your website then your website will be redirected him to the phishing page and telling them to login with Facebook/Gmail/yahoo account to continue. When the user enters his login information he will be back to your page and user password will be send to you.
Desktop Phishing is more advanced method form of phishing attack. In a simple Phishing Attack, attacker convinces the victim to click on a link which contains a fake login page, the victim then enters his credentials such as user names and password in the fake login page that goes to the attacker etc...
In Desktop Phishing, attacker just replaces some text in the hosts file which is located in Windows directory of our victims computer. The attacker does this by sending a executable or a batch file and convinces the victim to click it, Now whenever the victim visits the real website like paypal.com He is redirected to the attackers phishing page But the domain name (paypal.com) remains the same as typed by the victim and the victim doesn't come to know that it is a fake page, thus this type of phishing attack has very good success rate.
Tab-Napping
Tab Napping is quite new hacking trick through which you can't directly hack accounts. But if you use phishing methods combined with tab napping, then you can hack accounts. Actually Tab-Napping is a script which you put into a site/blog and when the user visits your website/blog and reads your articles, plays games or watches videos, then the user goes to other tab in browser which contain other websites like YouTube, Google etc. and comes back to your website then your website will be redirected him to the phishing page and telling them to login with Facebook/Gmail/yahoo account to continue. When the user enters his login information he will be back to your page and user password will be send to you.
Website Cloning
To this method we will need Backtrack 5 platform. In this method we will clone the login page of a website using Backtrack abilities and stealing the user's logins.
To this method we will need Backtrack 5 platform. In this method we will clone the login page of a website using Backtrack abilities and stealing the user's logins.
