Recently, I got a scrap from someone who has been in my "Friendlist" for quite some time. It goes:
I have uploaded My latest pic.....Have a look...Copy and paste in address bar:-http://tinyurl.com/2w5oal Do comment!
Now, I was really interested to see his pic. But what I found was really frightening. It was a page that looked the same as the login page of Orkut. (Do visit it.) But careful attention reveals that the address is something else. It's something like this: http://picss.we.bs/Login1.html. And the source of the page is simply more terrible. The script of the login form is located at http://www.big-llc.com/formmailer/submit, when it should have been (for the real Orkut login script) at https://www.google.com/accounts/ServiceLoginAuth?service=orkut! Horrible!
How does it work?
Very simple. The hackers create a PHP or CGI script that sends the password and the username to their beloved server whenever someone "logs in" from this page. To make it more convincing, they then redirect you to the Orkut login page, making you believe that something must have gone wrong while you were logging in.
What can you do?
Fake login pages are everywhere. A few days back Rahul wrote a story about fake Yahoo login pages (which I can't find in his archives). You should really keep your eyes open for any differences between the page you are logging in from and the one you are familiar with. And do check the address bar. It would never be fake.
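The check described above (where does the login form actually send the password?) written out as a script. This is an added example, not code from the original post: the sample HTML is constructed, and TRUSTED_HOSTS, LoginFormFinder, check_login_page and the ServiceLogin page URL are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumption: only the host of the genuine login script quoted in the post
# may receive Orkut credentials.
TRUSTED_HOSTS = {"www.google.com"}

# Constructed sample pages (not the real markup of either site).
FAKE_URL = "http://picss.we.bs/Login1.html"
FAKE_HTML = """<form method="post" action="http://www.big-llc.com/formmailer/submit">
<input type="text" name="Email"><input type="PASSWORD" name="Passwd"></form>"""
REAL_URL = "https://www.google.com/accounts/ServiceLogin?service=orkut"  # assumed page URL
REAL_HTML = """<form method="post" action="ServiceLoginAuth?service=orkut">
<input type="text" name="Email"><input type="password" name="Passwd"/></form>"""

class LoginFormFinder(HTMLParser):
    """Records the action of every <form> that contains a password field."""
    def __init__(self):
        super().__init__()
        self.action = None  # action of the open <form>; None outside a form
        self.actions = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.action = attrs.get("action") or ""
        elif (tag == "input" and self.action is not None
              and (attrs.get("type") or "").lower() == "password"):
            self.actions.append(self.action)
            self.action = None  # count each form once

    def handle_endtag(self, tag):
        if tag == "form":
            self.action = None

def check_login_page(page_url, html):
    """Return [(submit_url, [problems])] for each password form in html."""
    finder = LoginFormFinder()
    finder.feed(html)
    finder.close()
    report = []
    for action in finder.actions:
        # A relative or empty action posts back to the page's own origin.
        target = urljoin(page_url, action)
        parts = urlsplit(target)
        checks = [(parts.hostname not in TRUSTED_HOSTS, f"untrusted host {parts.hostname}"),
                  (parts.scheme != "https", "not https")]
        report.append((target, [msg for bad, msg in checks if bad]))
    return report
```

A form with no action attribute is resolved against the page's own address, so a copy that posts back to itself on the fake host is flagged too.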