Friday, February 3, 2012

Different types of Email Account Hacking


The Basic level Hacking is Email Account Hacking.  Everyone like to do first email account hacking only.  So here is the tutorial for budding hackers about email Hacking.


There are different types of Email Account Hacking .  Here is some of them :


  1. Social Engineering
    • Phishing
  2. Brute Force Attack
  3.  Keylogger
  4.  Guessing the Answer for the Security Question


Social Engineering:

Social engineering takes advantage of the weakest link in any organization’s
information security defenses: people. Social engineering is
“people hacking” and involves maliciously exploiting the trusting nature of
human beings to obtain information that can be used for personal gain.

Social engineering is one of the toughest hacks to perpetrate because it takes
great skill to come across as trustworthy to a stranger. It’s also by far the
toughest hack to protect against because people are involved.

Social Engineering is different from Physical Security exploits . In social engineering hackers will analyze about
victim.  Hackers will send mail to victim.  The contents will be related to the victim.

Eg:

✓ False support personnel claim that they need to install a patch or new
version of software on a user’s computer, talk the user into downloading
the software, and obtain remote control of the system.
✓ False vendors claim to need to update the organization’s accounting
package or phone system, ask for the administrator password, and
obtain full access.
✓ Phishing e-mails sent by external attackers gather user IDs and passwords
of unsuspecting recipients. Hackers then use those passwords to
gain access to bank accounts and more. A related attack exploits crosssite
scripting on Web forms.
✓ False employees notify the security desk that they have lost their keys
to the computer room, receive a set of keys from security, and obtain
unauthorized access to physical and electronic information.

 Phishing WebPage:

     It is a fake webpage which looks similar to the original page of the website.  Using this WebPage we can easily get the Password of victims.  The process involved in creating Phishing webpage are,
✓ First Visit the Website which is associated with the email id. Copy the Source code.
✓ Edit the the Source code such that it will store the password for you.
✓ Upload the Webpage to any free webhosting sites.  (don't select a famous hosting site,they will find that
    your page is fake). Try uploading through the proxy server.

Guessing the Answer for Security Question:
    Do you remember that the mail sites will ask for the security questions to retrieve the mail account?  You can hack the mail account simply guessing the answer.  If the victim is your friend ,then it may very easy to hack. 

Brute Force Attack:



A famous and traditional attacking method .  In this method ,the password will be found by trying all possible passwords with any program or software.




Keyloggers:


  It is one of the spyware which will capture what you type in the keyboard.  so whenever you type the username and password ,it will simply capture.

   It is software program which will be attached with any softwares and send to victim.  While victim install the software ,the keylogger also start to work.  Keyloggers are exe files.

0 komentar:

Post a Comment