• zaknenou@lemmy.dbzer0.comOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    I don’t understand, as you said the hacker’s server requests my credits, so am I not supposed to be prompted to accept something by the browser or Discord app? Twitter and Google usually prompt you and require you to click “allow”

    • Godort@lemm.ee
      link
      fedilink
      arrow-up
      5
      ·
      2 months ago

      You’ve got half of it. The hacker’s server is acting as a middleman for the real login page. Everything appears legitimate except the URL will be wrong and if you use a password manager, it won’t auto-fill

      They access the legit login page and forward it to you, but they’re in the middle capturing everything you send.

      When you enter your login details, they will record them and then forward them to the real login window in near real time, effectively logging in as you. They then have a legitimate session token which they can use to access your account without needing to re-authenticate.