Video Screencast Help

Desktop Phishing Attack and Its Prevention Part 1

Created: 07 Jan 2012 • Updated: 02 Feb 2012 | 2 comments
Language Translations
Sanehdeep Singh's picture
+16 16 Votes
Login to vote

What is Phishing?

Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by appearing as a trustworthy entity in an electronic communication. Phishing is typically carried out by email or instant messaging and often directs users to enter details at a website, although phone contact has also been used.

Phishing is an example of social engineering techniques used to fool users. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures.     

What is Desktop Phishing?

Desktop Phishing is another form of phishing attack. In a simple Phishing attack, the attacker convinces the victim to click on a link which contains a fake login page, Victim then enters his credentials such as user names passwords in the fake login page that goes to the attacker. Victim is then redirected to an page defined by attacker.  But there is one drawback of this Phishing attack is the victim can easily identify the fake page by looking at the URL.

But In Desktop phishing hackers do some modification in hosts file of the victim computer. The attacker does this by sending a exe file and convinces the victim to execute it. If the victim execute this exe file it change some text into hosts file. Now if victim types the domain of original website. He is redirected to attacker’s phishing page and domain name remains the same.

 

Steps to perform Desktop Phishing Attack

To perform Desktop phishing Attack we need Wamp server to host our fake page, hosts file to do modification and Winrar to convert host file into exe.

Follow the below steps to perform Desktop Phishing Attack.

 

1) Download and Install Wamp Server. Double click on Wamp server icon to run your server

 

2) Go to WWW Directory of Wamp Server, the default path is “C:\wamp\www” or click on Wamp server icon running in system tray and then click on www directory.

 

3) Copy your fake page and paste it in the www directory.

 

4) Now Test your fake page whether it runs properly or not. To test your fake page open web browser and type localhost and Hit Enter.

 

5) Copy your hosts file (windows/system32/drivers/etc) to another folder. Open it with notepad and enter your IP Address and the domain name of website (gmail.com in my case) and save it.

6) Right click on hosts file and Click on Add to Archive.

 

7) Under General Tab, Change Archive format from “.rar” to “.zip” and Tick on Checkbox “Create SFX Archive”.

8) Under Advanced Tab, Click on “SFX Options”.

9) Now in “Path to Extract”, enter “c:\windows\system32\drivers\etc” (Without double quotes).

10) Under Modes Tab, Select “hide all” Option.

11) Under Update Tab, Select “Overwrite all files”. Hit Ok and again Ok.

12) Now you will get “hosts.exe”. Just send this file to victim by email.

Comments 2 CommentsJump to latest comment

P4Amdik19's picture

ohh really ...is it possible ...? smiley

Thats great....

Thanks & Regards

Pratik Mahadik

0
Login to vote
Sanehdeep Singh's picture

@pratik: yes its possible, check out the 2nd part of this article.

With Regards,

Er. Sanehdeep Singh

(E|CSA, C|EH, Security5)

0
Login to vote