I’ve been away from Programming Kid since a week now. It wasn’t something planned. I am just a bit overworked at the moment. Anyhow, I would like to share an interesting incident that happened with me this week.
In December 2009, I created a website : ihateankitfadia.com. I did so because I really dislike guys who talk about hacking when they are nothing more than Script Kiddies and sharing tips and tricks on Google, YouTube is called as Hacking? Oh Please!
This isn’t the right place to talk about this, so you can read more about it at : My tryst with Ethical Hacking – Ankit Fadia’s first Book and my Experience
Phishing : Caught in the wrong net
I created a DEMO Phishing page on the same website for educational purposes and as a demonstration how easy it is to clone any website. All is required is some basic HTML coding, a Web Server and a Dynamic Send Mail Script. Using the same, I created a DEMO Gmail Phishing page which did not work. I disabled the Submit button.
My intentions were all good and I had profusely mentioned that this was a NON-WORKING Demo only. After a few weeks. I was horrified to see my Website Banned by my host.
How the Suspected Website got Banned
I followed the following steps after going through my emails and writing to the Web Host. My website was reactivated after 3-4 days following a series of mail exchanges. The interesting part is It wasn’t ME and WebHost but there was also a party called Internet Identity SIRT which contacted both me and my host warning us of the “suspected” phishing page and that they wanted it to be blocked.
The mail they wrote, seemed like they are safe keepers of the internet and here is an excerpt from the mail I received.
In order to protect innocent visitors to the site from being misled or victimized, we request that you remove the fraudulent pages located on that machine.
We are working on behalf of Google – Gmail to deactivate such fraud websites. The website attempts to collect personal login and financial information of visitors including credit card details. Based on our investigation, this website is unauthorized and unrelated to Google – Gmail, and likely constitutes an improper attempt to obtain personal details of unsuspecting visitors. A practice also known as “phishing.”
We also request that you sequester any data related to this site for future investigation by law enforcement. This would include files, source code, and any data stored that is associated with it. It would also include any log entries of access to the server for the site, connections to upload or download data to the site, or records of the account being created.
If you are not the appropriate staff to handle this matter, we ask that you immediately escalate this matter to the attention of those within your organization who can resolve this network abuse issue.
Consequently, due to the above email, my hosting provider disabled :
- My Website
- FTP Account
- Terminated my Account with them
So, in short, everything was gone! All because of a DEMO page
Getting the Suspected Website Reactivated
In the conversation that followed, I sent 3 emails.
- First – To my Web Host
- Second – To the Internet Identity SIRT
- Third – Created a Ticket with my web-host telling them my stance and about the Demo Page.
I received the following response from Internet Identity SIRT :
This URL was disabled by your ISP. We noted to them that this was a demo page after further analysis and told them to not suspend it based on our report. If they proceeded to suspend it it was on their analysis.
We do not have the ability to re-activate your account, this is something you need to follow up with your ISP regarding. If your ISP would like us to re-verify that the site is not a phishing attack they can ask us to send our notification again.
In a few days time, after I furnished an undertaking saying I would remove the suspected pages was my account reactivated. The whole process took some 3 days.
If anyone of you gets stuck in some problem like this, I hope my experience would help you get out of the situation. It is best not to panic and contact your Web Host regarding the same.
Related : Secure Your Google Account Using SMS
Ben
Advv
AnnNonymus
Arun Basil Lal
Bhanu @ HackingAr...
{ 4 comments… read them below or add one }
ihateankitfadia.com was your websites Vaibhav…!! i never knews that..!! (see..i think i am talkings like Rakhi Sawantz)..!!
I would like to mention the difference between a hacker and a cracker. A hacker likes to take things apart and see how they work out of interest. A cracker prefers breaking into systems possibly with malicious intent. Hackers squirm in their seats when ordinary folks and the media use the term when they talk about crackers.
If you want to be a hacker, read this first How to be a Hacker
lol.. I also had no idea you owned ihateankitfadia.com
Welcome to the club, dude
Hmm….good you got your site back..
A clear warning on the phishing page should be must ..even it was for demo