Just in case there are some of you who read what I post and don’t understand the concept of phishing, watch out for this shit. Outside of an official Tumblr login page, there should be no reason for the website to ask for your password. If you see this on anyone’s blog, you should let them know and link them here for the short tutorial on how to remove the offending content from their blog.
In the meantime, you can make the overlay go away by providing it with bullshit information like ass@farts.com/butthairz. It’s also a good idea to try bullshit information if you ever see a login form that looks suspicious. If it accepts the bogus information without question, you know you’ve found a malicious login form.
Removing this from your blog is pretty straightforward:
- Go to your blog’s customization page. For me and this blog it’s http://www.tumblr.com/customize/ohsusquehanna
- Click “Edit HTML”
- Scroll all the way to the bottom and look for a blog of HTML/javascript that looks like this. If it’s not at the bottom, just quickly skim through the HTML to see if you can find something similar. It’s likely that the variable names are random as well as how the text in the script is chopped up. That’s to keep meddling kids (and their stupid dog too) from being able to quickly find the offending code.
- Just delete it.
- Change your account’s password.
Signal boost.
Source: ohsusquehanna
Junk food for thought.
