If your new to the concept of Phishing i would recommend you to read the following articles before reading this one
- What is Phishing ? Know The Basics
- Tabnabbing - A New Type of Phishing Attack
- How to Hack Any Email Account
What is Desktop Phishing ?
Desktop Phishing is Victim then enters his credentials such as user names passwords in the fake login page that goes to the attacker.Victim is then redirected to an error page or genuine website depending on the attacker.But the main drawback in this phishing attack is the victim can easily differentiate between fake and real login page by looking at the URL which contains a different domain name. We can overcome this in desktop phishing by spoofing the domain name
In Desktop Phishing The Attacker just replaces some text in the hosts file which is located in Windows directory of the victims computer ,The attacker does this by sending a executable or a batch file and convinces the victim to click it, Now whenever the victim visits the real website like GMail.com He is redirected to the attackers phishing page But the domain name (GMail.com) remains the same as typed by the victim and the victim doesn't come to know that it is a fake page, Thus this type of phishing attack has very good success rate
So i hope this Information helps You ,In my next post I'll explain how you can use this method (Desktop Phishing) to hack Face book ,Gmail accounts