Tuesday, January 6, 2009

A Phishing Site is using the image from my Website !

I was checking the Access Logs of my website today and I found an entry referring to the loading of an Image hosted on my site ! I suddenly wondered how my image went to that website and was interested to see how was the image used by someone else?

But what I found on that URL was a PHISHING Site. Phishing sites are th
e webpages/sites made for the purpose of stealing information. They fake the looks of some reputed websites either fully or partially. This may result in entering of the sensitive information like passwords, usernames and other information into the FORM on the Phishing Site.

In my case the phishing site was hosted on Blogspot (Blogger). And the URL of that PHISHING Site is: http://orkutpowertools.blogspot.com/ Screen Shot of the Phishing Site:

Here the person who has made this PHISHING site has used a service from JotForm (InterLogy Company) for the making aa HTML Form and storing/getting the data entered into it. The Form is inserted info the Phishing Site using 'iframe'.
The direct URl to that Form is :

The person who has made the Phishing Site is using many Images which are HotLinked from their respective websites (webspace/servers). I will mention them here as you will come to know how the person has used many images from different sites.

1) The BLACK Background is the Image from www.in.com and the URL : http://josh18.in.com/images/hindi_home_back.gif
This Phishing site is having many images from www.in.com . But will In.com take
any action on this ?
2) The image just before "Love Percentage" is taken from MY WEBSITE ! and the URL : http://www.kslokesh.com/images/kslokesh_lp.gif

3) Orkut Themes image from OrkutStyle URL : http://www.orkutstyle.com/preview-backgrounds.jpg
4) Mobile Phone image is from MoneyControl URL : http://img
5) Scrap image is from Orkut URL : http://img1.orkut.com/img/castro/p_scrap.gif
6) Google Account Logo image is hosted on imageshack and the URL : http://img530.

There are many other images which are HotLinked from different websites.

Simply to test the form, I entered some random texts into the 'Email' and 'Password' fields and instead of an ERROR, it said "Thank You, Your submission has been received".
If some person who is not able to distinguish the PHISHING visits that site, he would definetly enter His Google Email and Password which will reach the author of the Phishing site when submitted.

So BE CAREFUL before entering the login information into webpages.

Further Research into the Phishing site revealed the Blogger User Profile address of the author of the phishing site which revealed more phishing sites of that person.
Blogger User Profile: http://www.blogger.com/profile/02608141402188792191 .

There were other Phishing sites which were spoofing PayPal, In.com Shopping, AdSense Violation Recover.

Check the Blogs listed in that Blogger Profile :
1) http://krazzyorkut.blogspot.com/ - Fake Shopping Listings. The images linked to Fake PayPal Site 1.

2) http://paypal.premium.ws/ - Fake PayPal Account Login Site 1.
AND another similar one
3) http://clickearnings.blogspot.com/ -
Fake PayPal Account Login Site 2.

4) http://adsens-related-site.blogspot.com/ - Fake Google AdSense Violation Recover Form.

These Websites constitute just a fraction of such Phishing / Spoof Websites on the internet.

And the worse thing is that these Phishing/Spoof websites appear to be made by Indians..! (The name in the Blogger Profile 'ramyadav123' . So mostly from India.)

Hope that we all gain sufficient knowledge to recognize such websites and be careful and alert others also, about such things on the internet.

Jai Hind,
Jai Karnataka.


All the things mentioned in my blog by me are My Opinions and My Thoughts If they are Not Facts.! If anyone is offended by the content, please tell me with reasons.
All Mentioned TradeMarks, Copyrights and Logos etc. belongs to their respective Owners. - kslokesh.com | TERMS AND CONDITIONS , PRIVACY POLICY , DISCLAIMER . FEEDBACK

Lokesh's Blog : blog.kslokesh.com , Hosted on Blogspot.com (Blogger.com). . Domain Registration by x.co/locality | Website by Nanjangud.Net

Back to TOP