Isca ch 3 spoofing

This is real life example I had come across a few years back. Relate this, with the definition you sent.

Once there was this offer going on for buying mobiles at ridiculous prices, like Rs.1.

The website name they used was, say Flipkart.

So when you open this link it takes you to the page where you can see this offer. Then all you had to do is add the item to the cart and checkout. But then it asked you to log in to your account.

Innocently enough any user will use his genuine account id and password (after all you're getting a brand new phone for Rs. 1)

And once a user logs in to it.. Some ridiculous message is displayed and its then that you realise all this was just a fraud link.

In this case,
Either they got your genuine id password or they got enough information about you, things like name, address and phone number.

Hope this helps.

Yes.Thanks. I get it. But what I am not understanding is the meaning of last two lines viz.attempts for system crash and makes the user login again.

 

As in the above situation, once the user gives in necessary login details, the system will crash, say it will give messages like website cannot be loaded and please enter the details again or something like that. ie. user won't be able to complete the task but the penetrater gets all valid details.

Then Why will it make or ask the user to login again?

It merely means that the penetrater uses a similar interface to prompt the user to enter his details. Once the penetrater gets all details, the link will become crash or useless. User won't be able to login again or how many times he tries to login bcoz the said link is not genuine.