My friend runs a website and sent an email from Google Safesearch, saying that he has a phishing page. Turns out his cPanel was rude (weak password) and they uploaded some pages to their server. He told me about this, and I wanted to see how refined they were.
In many files, some words / parts of the text are weird. They render perfectly in a web browser, but are mixed inside HTML. I was wondering if anyone can tell me what it is?
Examples:
<title>WеlÑоmе tо еВаy: Sign in</title>
<span class="txtbox_title">Раsswоrd</span>
<a class="three" href="#">Fоrgоt yоur
It is also worth noting that plain text is also displayed on the entire page.
I assume that this stops detecting certain words on the page, but I'm not sure. Any information would be great.
Edit: Originally tagged as PHP. I realized that you probably shouldn't delete it like that. Kindly children.
Edit: For clarity, this is a phishing page aimed at eBay users.
The examples I posted in the original post (in order):
eBay: Sign In
Your Password
Forgot your [password]
As such, I do not consider this to be some kind of malware, but a text encryption method to combat detection in browsers such as Chrome (which, I assume, detected hot words in their algorithm).
pablo source
share