I just received a phishing text message, how could this have worked?
I received a phishing text message that pretended to be my bank. It had a link that went to a site that redirect to the following script:
<html><script language="javascript">var page = "Login.php?sslchannel=true&sessionid=XXX”; top.location = page; </script></html>
When I did a wget on that page with the rest of the full url it ran the following script:
<script>
window.googleJavaScriptRedirect = 1
</script>
<script>
var n = {
navigateTo: function(b, a, d) {
if (b != a && b.google) {
if (b.google.r) {
b.google.r = 0;
b.location.href = d;
a.location.replace("about:blank");
}
} else {
a.location.replace(d);
}
}
};
n.navigateTo(window.parent, window, "https://www.banksite.com/");
</script><noscript><META http-equiv="refresh" content="0;URL='https://www.banksite.com/'"></noscript>
From a technical perspective, I’m trying to figure out what this phishing text could have done in the worst case scenario.
Continue reading I just received a phishing text message, how could this have worked?