Jul 09, 2012 03:21
Like most people with an email account I get phishing emails fairly regularly. Gmail's spam filter does a good job of recognising them and, if I open them, warning that the message may not have come from who it purports to.
I often like to download the attached HTML page and view it in the editor. I find it funny how the scammers will carefully copy the look of the site they're imitating, linking to the various images, scripts and CSS code, but then fail when it comes to the stuff they add themselves.
In the latest example, for instance, the form has the instructions "Complete The Informations Below" and "All informations are required". Then, if you were to submit it, it passes your data to a JavaScript function. This function, presumably coded into the page by the scammers (whereas the bank stuff is in .js files), simply checks that each field is not an empty string -- there's no testing of whether a field contains text or numerics or is of the correct length etc.
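A triage sketch for the pattern described above, where a saved attachment takes its look from the imitated site's own files while the submit logic is written inline in the page. This is an added example, not code from the post; the sample HTML, the `www.bank.example` host and the names `AttachmentTriage` and `triage` are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample standing in for a saved attachment; bank.example is a placeholder.
SAMPLE = """<html><head>
<link rel="stylesheet" href="https://www.bank.example/css/main.css">
<script src="https://www.bank.example/js/site.js"></script>
<script>
function checkForm(f) { if (f.card.value == "") { return false; } return true; }
</script></head><body><img src="https://www.bank.example/img/logo.png">
<form onsubmit="return checkForm(this)"><input name="card"></form></body></html>"""

class AttachmentTriage(HTMLParser):
    """Collect remote asset hosts, inline script text and form onsubmit handlers."""
    def __init__(self):
        super().__init__()
        self.asset_hosts, self.inline_js, self.handlers = set(), [], []
        self._inline = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        url = a.get("src") or (a.get("href") if tag == "link" else None)
        if url and urlparse(url).netloc:
            self.asset_hosts.add(urlparse(url).netloc.lower())
        if tag == "script" and not a.get("src"):
            self._inline = True          # body of this tag is page-local code
        if tag == "form" and a.get("onsubmit"):
            self.handlers.append(a["onsubmit"])

    def handle_endtag(self, tag):
        if tag == "script":
            self._inline = False

    def handle_data(self, data):
        if self._inline:
            self.inline_js.append(data)

def triage(html):
    """Return remote asset hosts and the form handlers defined inline in the file."""
    p = AttachmentTriage()
    p.feed(html)
    p.close()
    defined = set(re.findall(r"function\s+(\w+)", "".join(p.inline_js)))
    called = {n for h in p.handlers for n in re.findall(r"(\w+)\s*\(", h)}
    local = sorted(called & defined)
    # Heuristic only: remote branding plus locally written submit logic merits review.
    return {"asset_hosts": sorted(p.asset_hosts), "inline_handlers": local,
            "review": bool(p.asset_hosts and local)}
```

The `review` flag is a prompt for a closer look, not a verdict: a page can combine remote assets and an inline handler for ordinary reasons.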