Malware distributors, hackers, and phishing scammers are continuing to use the practice of hiding login forms for their web shells in fake HTTP error documents. These pages pretend to be HTTP errors such as 404 Not Found or Forbidden, while in reality they are login pages that allow an attacker to …