Auto-generated phishing pages and the social web.
(The following is a cybersecurity research article on credential theft using non-traditional and underexploited phishing methods.)
You’re browsing the web. You’re logged into an online discussion space such as YouTube, Reddit, Twitter, Medium, a small community forum, etc. You click on a link from another user to another page on the same site. Instead of seeing the content you’re looking for you’re presented with the login page for the site you’re already on. Annoyed and a little confused as to why you’ve been logged out, you log back in and are taken to the content you were expecting.
You’ve just been phished.
[Read more…] about Dynamically create a phishing page based on the HTTP referer header