Jump to content
Science Forums

Phishing


Recommended Posts

Phishing sites and their methods, reasons too phish.

 

Some have become more elaborate, and are not only phishing for instant cash reward. I have seen some that procure "new", by invoking the time of the unpaid few that just have no one to talk to on/near their level.

 

What are these sites doing for profit?

 

eg. Sites procuring opinion about a washing detergent.

 

Although Facebook has refined the method for such phishing, entities still try to do the "cookie" thing but in a manipulated manner...slowly building up a profile of a particular user.

Link to comment
Share on other sites

  • 1 year later...

Phishing websites steal user credentials through XSS attacks (cross site scripting).

This is incorrect.

 

By definition, phishing is obtaining sensitive information, usually user name/password pairs, by impersonating a trusted entity. For example, a phishing attack can involve a webpage that looks like a trusted one, but has a slightly different URL. A phishing attack on scienceforums.com members, for example, might use the DNS name sciencesforums.com.

 

A XSS attack injects data-stealing scripts into the data supplied by a trusted entity.

Link to comment
Share on other sites

This is incorrect.

 

By definition, phishing is obtaining sensitive information, usually user name/password pairs, by impersonating a trusted entity. For example, a phishing attack can involve a webpage that looks like a trusted one, but has a slightly different URL. A phishing attack on scienceforums.com members, for example, might use the DNS name sciencesforums.com.

 

A XSS attack injects data-stealing scripts into the data supplied by a trusted entity.

Maybe you are referring to CSRF - cross site request forgery?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...