Friday, March 24, 2017




Learn to make Phishing Page for Facebook

Making a phishing page for Facebook is very easy. Let's learn how to make a phishing site of our own.
A phishing site is an attempt to get personal information such as a username, password, etc. by using a fake page! Phishers send out e-mails that appear to come from legitimate websites such as eBay, PayPal, etc., and when you click those links they ask you to enter details such as your password, e-mail and credit card number. Once you enter your details, the phisher will get all of them!




I will be demonstrating how to create a phishing site based on Facebook.

Step 1:

Now go to www.facebook.com (make sure that you are logged out!). Right-click anywhere on the Facebook home page and click on “view page source” from the menu. Alternatively, you can get the source code of any site that has a login form, such as Gmail or Facebook, and create the phishing page by following the other steps as they are.







Step 2:

After clicking on “view page source”, a new window will open with HTML code in it. Press CTRL+A on your keyboard to select the entire code and then press CTRL+C on your keyboard to copy the code.



Step 3:

Open Notepad and paste the entire code in it, then scroll Notepad to the top. Press CTRL+F on your keyboard and find “action=” without the inverted commas. There will be two “action=” matches; you are interested in the first one.





Step 4:

Now replace the highlighted text, as shown in the picture given below, with the word “face.php”.







Step 5:

Go to File > Save As and save your file with the filename “index.php” without the inverted commas. Press OK if it shows a warning!


Step 6:

After the form's POST action is changed to "face.php", the username and password are sent to the face.php file.







Step 7:

After "face.php" gets the result, the username and password are sent to my email.


Step 8:

After hosting, I will get the login details in my email account as follows.







Below is the link I have used to host the phishing website.

Creating the Phishing web site.

All the files related to this demonstration are saved in my GitHub account. You can access them by this link



How to identify a phishing mail and be safe from it if you receive one?
It is important to be logical and always alert when dealing with communication of any sort, and the tips below will further help you to stay safe and identify phishing emails.


  1. Link to a fake site :- The email will provide a link that the user is asked to click, which directs the victim to a site that gathers his personal information.
  2. Urgent action will be required :- Normally phishing mails require the receiver to act quickly in order to get details. The mail will have an urgent call for action.
  3. The sender's email address will not match the legitimate sender's email address.
  4. The mail will ask for your personal details such as credit card number and account details.
  5. The email says that you have won a competition that you have not entered.
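
The five indicators listed above can be checked mechanically when triaging reported mail. The following Python code is an added example, not part of the original post; the keyword lists, the function names and the sample message are constructed for illustration, and it assumes a single-part HTML message and that you know which domain the mail claims to come from.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed keyword lists for tips 2, 4 and 5; tune them for real mail.
KEYWORDS = {
    2: re.compile(r"\b(urgent|immediately|within 24 hours|suspended)\b", re.I),
    4: re.compile(r"\b(password|credit card|card number|account details)\b", re.I),
    5: re.compile(r"\b(you have won|winner|prize)\b", re.I),
}

class HrefCollector(HTMLParser):
    """Collect the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def belongs_to(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = (host or "").lower()
    return host == domain or host.endswith("." + domain)

def phishing_indicators(raw, claimed_domain):
    """Return the tip numbers (1-5) triggered by a single-part message."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    links = HrefCollector()
    links.feed(body)
    text = msg.get("Subject", "") + " " + re.sub(r"<[^>]+>", " ", body)
    hits = {tip for tip, pattern in KEYWORDS.items() if pattern.search(text)}
    if any(not belongs_to(urlparse(h).hostname, claimed_domain) for h in links.hrefs):
        hits.add(1)  # tip 1: a link leads away from the claimed site
    sender = parseaddr(msg.get("From", ""))[1]
    if not belongs_to(sender.rpartition("@")[2], claimed_domain):
        hits.add(3)  # tip 3: sender address does not match the claimed sender
    return sorted(hits)

# Constructed sample message (not real mail).
SAMPLE = """From: "Example Support" <support@example-help.invalid>
Subject: Urgent: your account is suspended

<p>Confirm your password within 24 hours.</p>
<a href="http://login.example.net/verify">https://www.example.com/login</a>
"""
```

Calling `phishing_indicators(SAMPLE, "example.com")` reports tips 1 to 4 for the constructed message; a message that triggers none of the checks returns an empty list, which does not prove it is legitimate.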




  • Do not click on links or download or open any attachments provided by unknown and suspicious senders.
  • Make sure you check thoroughly against the tips given above to keep yourself safe from being a phishing victim.
  • Protect your computer with firewalls, spam filters and an antivirus guard.
  • Always be logical and be alert.
  • Update your web browser.