Phishing

Phishing is a malicious technique used by viruses or hackers to fool people into using their username and passwords. How these work is that A creates B which mimics C. D ends up on B which looks to be C to D, and ends up entering their username and password. A acquires D's userdata from B and thus A has stolen D's user credientials for C. Often times, these sites are programmed in such a manner where they directly feed the owner usernames and passwords. However, it is noted that one weakness includes requiring the owner's email address/password to deliver the payload, which can be exploited.

Why It Sucks

 * 1) They are used to fool people, by making them think they're on a legitimate website.
 * 2) It can be pretty easy to tell that it's a phishing site if the urls are different, which is easy to guess. You can tell via various things like grammar errors, and even things like typosquatting as well.
 * 3) Even with a good filter, most of these phishing sites have dynamic url names, which means they could be everywhere and changing domain names. For example, Firewall blocks Phish 1, but Phish 1 spoofs url to Phish 2, Firewall goes on to block Phish 2, but Phish 2 changes again and again. They often at times have non-static IP addresses.
 * 4) It's also used as a form of scam and identity theft, including stealing credit card numbers, banking, and other information aside from usernames, emails, and passwords.
 * 5) Older phishing methods, especially in the form of .exe files, are much more susceptible to backfiring to the point where the user ends up finding the recipient's username/email and password upon opening up the exe file via a text editor, which is one of the required parts for scammers to create phishers. ToonTracer opened up a .exe file of a fake Toontown client via Notepad and found out it led to someone's Gmail which had fooled reportedly over 400 people.

Videos
FYjAUkkEP-k SMKHIPEcKx8