Be aware of Fake Login Page

Hi viewers i am writing this post out of my own experience. Nowadays social networking sites (eg: orkut, yahoo, etc.,) are more popular. Almost all of us are being a user of it. Most of the users use same email id for all requirities (eg: same id for your banking account (or anything else) and for orkut and so on) else they use same password for all their logins. But its really very dangerous. Last week my friend scrapped me this “visit the link to know your friends password”. On eager i too visited that page, but later i realized that page is a fake login Page.
 

What’s called Fake Login Page?

  Fake login page is similar to our usual web page. Here is a link for a fake login Page. Just visit the page but don’t give your username and password.

 http://huntme007.com/yahoo-new

 What happens when you enter the username and password in fake login page?

 Usual Login Page Action:

 When you enter your login details in any login form and hit enter they are submitted to another page which reads these login details and checks the database as whether you entered the correct username and password, if yes then you will be taken to your account else you will get an error page.

 Fake Login Page Action:

A hacker creates a fake page which looks exactly same as the original page and some how tricks you to enter your login details in that page. These login details are then submitted to a file. At this stage the hacker has two options. He can either store the login details on his server or he can directly get them mailed to his email id. All the above said things happen behind the scenes, you will have no clue of it. When you enter your login details for the first time your details are submitted to the hacker and you will be directed to a error page (this is the original error page). When you enter your login details again you will be logged in to your account. It’s quite common for us to enter the login details wrongly sometimes so you will not become suspicious when you get the error page.

 Steps to prevent Password Hacking:

 1. Never enter you login details in unknown sites.

2. Always type the address directly into the browser.

3. Do not follow the links you get in mails and chatting even if they are from your friends.

4. Always have a keen look in the address bar and verify if the address is correct.

5. If you feel like you entered your details in a fake login page change your password immediately.

6. Change your Password at least once or twice in a month.

7.Use Strong Passwords (usage of special characters and numericals can strengthen your password)

8.Try to have completely different passwords for different logins so that the passwords have no link to eachother.

June 14, 2008 Posted by increa | Internet | Add new tag, Fake Login, Passwords, secure login | 9 Comments