Initially, I didn’t look for anything and just clicked on that link in the email and even typed my Login details in the fields. That is when I remembered that I had saved my Password and Username for Orkut in my Firefox Browser. I saw the URL and I was shocked to see it.
Now, how does this work?
Basically, hacking using fake Login pages is called as Phishing…
When you click on sign in, the Login form will go to another file. In this case the file name is process.php
Now this process.php file will contain the code in the below image.
Now the highlighted FILENAME.TXT file’s name can be anything that can be kept as a secret.
The FILENAME.TXT file stores the Username and Password entered into the fields of the fake Login page
Please be careful while logging into Orkut account. Just TRIPLE CHECK the URL if you see an Orkut Login page that you have not TYPED yourself in the in the address bar 🙂
Still, I’m doing research on this site to crack out what that .txt filename is..!! 😛