Okay okay, I didn’t, but someone else could. This article is designed to show how easy phishing is. I built a simple form on Glitch to collect a classmates password. We will call her P. P bet me I would not be able to crack her password.
How did I do it?
If you just want the code hop over to Glitch. Please note this code is for educational purposes only.
I started off with building the form. The form is designed to look identical to a google login form.
Set the query parameter
Navigate to https://google-phishing.glitch.me/get_log to see the collected passwords.
Why do people fall for this? Most of us see the Google logo and feel safe. A domain like accounts-google-sign-in-appspot-com.glitch.me/… at a glace looks official. Naturally, we want to login to access our data.
This article is to serve as a public service announcement. Please keep your passwords safe.