*removed externally hosted image*

  • zaknenou@lemmy.dbzer0.com
    hexagon
    ·
    3 months ago

    I don't understand, as you said the hacker's server requests my credits, so am I not supposed to be prompted to accept something by the browser or Discord app? Twitter and Google usually prompt you and require you to click "allow"

    • Godort@lemm.ee
      ·
      3 months ago

      You've got half of it. The hacker's server is acting as a middleman for the real login page. Everything appears legitimate except the URL will be wrong and if you use a password manager, it won't auto-fill

      They access the legit login page and forward it to you, but they're in the middle capturing everything you send.

      When you enter your login details, they will record them and then forward them to the real login window in near real time, effectively logging in as you. They then have a legitimate session token which they can use to access your account without needing to re-authenticate.