Teejayx6
Established Contributor
Regular Member
- Joined
- Jun 17, 2022
- Threads
- 9
- Post Replies
- 36
- Status
- away
- Last seen
Hi
My friend's account was hijacked and this piece of sh*t has been posting phish bait on her instagram story for months. She's just a high schooler (daughter of my neighbor) and tons of her friends have fallen victim to the scammer using her account to DM them.
I responded to a post on her account: an offer of $500 to anybody who can name a word that starts with Z!
And now they want to "verify my paypal address" so they can send me my award money.
They want to verify my account by asking me to change my main Instagram account e-mail to THEIR e-mail.
(at which point they will obviously hit the "forgot password" button when trying to login to my account, respond to the password reset e-mail and lock me out.)
I want to pretend I changed my e-mail and send them a fake password reset e-mail that directs them to a fake reset page where I will collect their password and try to use it to login to my friend's account.
Their phishing scam is so basic I highly doubt they know anything real about phishing and hacking.
I made an exact-match instagram passoword reset page on wix, counting on them never checking the URL.
They only want me to change my e-mail for 5min, which means they will act very fast and not likely take steps to ensure their own safety.
Plus I look like the last person on earth who would know anything about phishing. (well, I am indeed a noob.)
Here are my questions:
How can I send the fake password reset e-mail?
Was it stupid of me to build the fake page using wix?
What's the best, safest, noobiest, fastest way to go about this?
Thanks in advance for your help, smart people.
My friend's account was hijacked and this piece of sh*t has been posting phish bait on her instagram story for months. She's just a high schooler (daughter of my neighbor) and tons of her friends have fallen victim to the scammer using her account to DM them.
I responded to a post on her account: an offer of $500 to anybody who can name a word that starts with Z!
And now they want to "verify my paypal address" so they can send me my award money.
They want to verify my account by asking me to change my main Instagram account e-mail to THEIR e-mail.
(at which point they will obviously hit the "forgot password" button when trying to login to my account, respond to the password reset e-mail and lock me out.)
I want to pretend I changed my e-mail and send them a fake password reset e-mail that directs them to a fake reset page where I will collect their password and try to use it to login to my friend's account.
Their phishing scam is so basic I highly doubt they know anything real about phishing and hacking.
I made an exact-match instagram passoword reset page on wix, counting on them never checking the URL.
They only want me to change my e-mail for 5min, which means they will act very fast and not likely take steps to ensure their own safety.
Plus I look like the last person on earth who would know anything about phishing. (well, I am indeed a noob.)
Here are my questions:
How can I send the fake password reset e-mail?
Was it stupid of me to build the fake page using wix?
What's the best, safest, noobiest, fastest way to go about this?
Thanks in advance for your help, smart people.