Phishing is a form of Hack that is no stranger to everyone, an attacker will fake a Web site and trick users into logging in to steal accounts. Currently, there are many objects using this form of Phishing to steal Facebook accounts, Emails, bank accounts… If you are not equipped with knowledge, it is very easy to lose your account, leading to many great consequences.
Join the channel Telegram of the AnonyViet 👉 Link 👈 |
Phishing form clicking on the link but accessing another link
According to some people’s experience, before clicking on any link, always hover over that link to see what is the destination link below the browser? However, with just one piece of javascript, an attacker can change the preview link of the browser status line. As you can see in the picture below: The link on the browser is https://www.google.com and when hovering the mouse it also shows https://www,google.com.
But when you click on the link you will be redirected to https://example.com
Here is an Example J2team posted on the group to warn everyone:
You can see this form of Phishing directly at the page: https://raw.githack.com/NguyenVanManh-AI/Link/main/fakelink.html. This is the page of Nguyen Van Manh as Demo for the above video. If you look in the source code, you will see a piece of javascript that can change the content of the browser’s status line:
<a id="link" href="https://example.com">https://google.com</a> <script type="text/javascript"> var link = document.getElementById('link'); link.onmouseover = () => link.setAttribute("href","https://google.com"); link.onmouseout = () => link.setAttribute("href","https://example.com"); link.onclick = () => link.setAttribute("href","https://example.com"); </script>
link.onmouseover
: will change the link displayed at the bottom of the browser status bar.
Or simply use this script:
<html> <a href="https://google.com" onclick="try{window.location.href="http://example.com"}catch(e){}return false">https://google.com</a> </html>
According to Admin Manh Tuan – Google’s main J2team team also used this game on the search page. When I found it, the results were website link A, when I moved in, I also saw the status of website A link. But when I clicked it, it redirected to google.com/?abcxyz… (statistics of the number of clicks on the results) then switch to site A.
So how not to be Phishing
Before logging in to any site, you mustNotice the website address on the Address barif it is not the page you need to log in to, it must be turned off immediately.
Normal user way:
In order not to be trapped in this case, instead of using the left mouse button to click on the link, get in the habit of clicking the link with the mouse scroll button. This action not only does not click on the link but access another link, but it also helps you open a new tab.
Professional way:
Instead of clicking on the link in the browser, you Right click go to the website choose Xem nguồn trang
or press Ctrl + U
or press F12
. Then find the paragraph with the destination link and copy and paste it into the browser. In my opinion, no one uses this way 🙂
If you are confident you can overcome Hacker’s Phishing mechanisms, give it a try Test your knowledge of Phishing with the Google Test See if you can get the maximum score.