Can anyone please explain meaning of follo. lines from SM : A penetrator makes user think that he/she is interacting with OS. eg. A penetrator duplicates login procedures, captures user's password, attempts for system crash and makes the user login again.
5 Replies
nishad goliwadekar
(77 Points)
Replied 05 August 2018
This is real life example I had come across a few years back. Relate this, with the definition you sent.
Once there was this offer going on for buying mobiles at ridiculous prices, like Rs.1.
The website name they used was, say Flipkart.
So when you open this link it takes you to the page where you can see this offer. Then all you had to do is add the item to the cart and checkout. But then it asked you to log in to your account.
Innocently enough any user will use his genuine account id and password (after all you're getting a brand new phone for Rs. 1)
And once a user logs in to it.. Some ridiculous message is displayed and its then that you realise all this was just a fraud link.
In this case,
Either they got your genuine id password or they got enough information about you, things like name, address and phone number.
Hope this helps.
Once there was this offer going on for buying mobiles at ridiculous prices, like Rs.1.
The website name they used was, say Flipkart.
So when you open this link it takes you to the page where you can see this offer. Then all you had to do is add the item to the cart and checkout. But then it asked you to log in to your account.
Innocently enough any user will use his genuine account id and password (after all you're getting a brand new phone for Rs. 1)
And once a user logs in to it.. Some ridiculous message is displayed and its then that you realise all this was just a fraud link.
In this case,
Either they got your genuine id password or they got enough information about you, things like name, address and phone number.
Hope this helps.
Amol
(Accounting)
(434 Points)
Replied 05 August 2018
Yes.Thanks. I get it. But what I am not understanding is the meaning of last two lines viz.attempts for system crash and makes the user login again.
Lakshmi Venugopal
(Chartered Accountant)
(136 Points)
Replied 05 August 2018
As in the above situation, once the user gives in necessary login details, the system will crash, say it will give messages like website cannot be loaded and please enter the details again or something like that. ie. user won't be able to complete the task but the penetrater gets all valid details.
Amol
(Accounting)
(434 Points)
Replied 05 August 2018
Then Why will it make or ask the user to login again?
Lakshmi Venugopal
(Chartered Accountant)
(136 Points)
Replied 06 August 2018
It merely means that the penetrater uses a similar interface to prompt the user to enter his details. Once the penetrater gets all details, the link will become crash or useless. User won't be able to login again or how many times he tries to login bcoz the said link is not genuine.
Recent Topics
- Urgent doubt on GST
- Profit or Loss on Sale of Assets Accounting treatm
- Clarification on RCM on Rent Payment for QRMP Deal
- Reclaimed itc in gstr9
- Gamification in Accounting Software: Boosting Enga
- I want to knw Hsn code and gst rate of resin produ
- Schedule FA clarification
- Income tax on freelance income from crypto
- ITC temporary reversal and reclaim
- Query on Transactions
Related Threads
CAclubindia
