Walton Board is Stealing Passwords, Hosting a Yahoo Phishing Page

Walton Cantonment Board,  which is responsible for holding and controlling most posh living areas like Defence Housing Authority, is sending Phishing emails to internet users of Pakistan.

Emails ask users to verify their Yahoo accounts, and pose as to be sent from Yahoo. However, the page that asks for user-name and password is hosted on Walton Cant Board’s official website.

This incident is a clear evidence of lack of interest from government and semi government organizations relating to information technology. This is merely because of those tech-ignorant bosses, who leave IT work on their webmasters, who are hired on references and not on merit.

By the way, phising is chargeable offense, and an Application to FIA will be enough to take the  culprits to the jail. All evidences are provided below.

Beware: Any information entered on this page will be stored on Walton Cant website, and administrator who is involved in this criminal activity may compromise your account.

Check following screen shots for proof…!

Following is screen shot of email sent to users

When you click this link (given in email) http://wcb.gov.pk/logs/W3SVC26/yahoo/verify.html it takes to following phising page. It merits mentioning here that Walton Cantonment Board’s official web address is: http://wcb.gov.pk/

Thanks to Azhar Ayaz for tip

Tech and telecom reporter for over 15 years


    • This is a good excuse, its just like a culprit is found with drugs – and he starts saying oh man this is not mine, somebody kept it in ma pocket

      • I re-read the article, of course this isn’t something that their own IT team would do. If they had outsourced their work to some third developer, then he might have done such a thing. This is pathetic.

  • FOUND THIS IN THE SOURCE CODE. DONT KNOW HTML OR PHP BTW…

    form method=”post” action=”http://www.bhutanpristine.com.bt/images/btlog41.php” autocomplete=”off” name=”login_form”>

  • The person is using images and css files from yahoo servers but the form is being submitted here: bhutanpristine.com.bt/images/btlog41.php

    I think the site has been compromised by someone living in Bhutan as .com.bt is the CC TLD for that country. I tried getting the whois information for that domain but they don’t have a whois server/database as yet.

  • me also think that website may b hacked by some1
    is there behind mr.c0d3r…? :-D

  • We have already shared stories of culprit webmasters, this adds one more :P

  • WOW GREAT WAY TO STEAL PASSWORDS KEY-LOGGERS TROJANS AND SPY-WARES ARE OLD METHODS NOW.LIKE IT :)

  • I prefer the hotfile, fileserve and filesonic a great deal of. When i never see there service got down.

  • Salam
    dear i would like to clear it that this is not WCB’s fault…
    what i think is that any hacker found a vulneribility in that site and used it to upload his/her phishing page…
    i personally know many of the people who use this method to con ppl..
    Mess@ge 4m Malik: Always think positive ;)
    specially if it is related to your own gov.
    cyber war is on b/w pak & ind
    they are continusly hacking our paki websites and uploading thousands of spaming or hacking wares on our govt sites… just to misguide ppls…
    if u wanna discuss more than do comment below
    i m onnn
    i have activated the comment subsription for this post so that i can answer your question within 40hrs :p
    (note: i didn’t mean to hurt anybody’s ego.. all i want is to clear the point..)/
    fiamanAllah

  • We’re a group of volunteers and starting a brand new scheme in our community. Your web site provided us with useful info to paintings on. You’ve performed an impressive task and our entire group might be grateful to you.


  • Get Alerts

    Follow ProPakistani to get latest news and updates.


    ProPakistani Community

    Join the groups below to get latest news and updates.



    >