As we have discussed earlier about various kind of frauds in the post “Truth about hacking Facebook,Gmail,yahoo etc part-1”
In this post lets discuss about some more kind of frauds.
You might have come across many tutorials/videos that ask you to compose an email something like abc@xyz.com.
You are asked to enter the victim’s email ID, your email ID, your password and they promise you that you would get requested password within 24 hours.
The main idea behind this process is to steal the passwords of innocent people.Finally,your own account gets compromised.
Trust me , you cant even imagine the number of people who become victim of such fu*cking things.
Ultimately they lose their money,time,accounts but get nothing in return. So be careful of such kind of frauds.
Is there any way to hack these accounts ?
Technical:
1. Phishing-The most known and popular way of hacking them is phishing.The main motto of phishing is fooling people by Fake Login Page.The victim is anyhow made to enter his credentials in fake login page which resembles the genuine login page and gets hacked.
2.Malicious files-It is usually a key logger or Trojan. The victim is given a malicious file.It could be binded with or hidden behind a genuine file.A key logger is a process which secretly records everything you type and sends to attacker.Obviously those records include your passwords too.
3.Stealing Sessions-Talking in simple language, whenever we sign into an account it generates a unique piece of string.One copy is saved on server and other in our browser as cookie.Both are matched every time we do anything in our account.
This piece of string or login session is destroyed when we click on ‘Sign Out’ option.An attacker can steal that session by convincing victim to run a piece of code in browser.
Attacker can use that stolen session to login into victim’s account without providing any username/password.
This attack is very uncommon because when the victim clicks ‘Sign out’ ,session gets destroyed and attacker too also gets signed out.
Non-Technical:
When ever we are signing up for an account, we generally come across the situation were we are supposed to set a security
question like our birthday place or nickname etc, so that we could recover our account in case if we forget our password.
Many of people sets the correct answer which are not supposed to be done.
Gathering some piece of information about the victim and try to guess the answer of security question of an attacker is not a big deal for him.
Finally what I want to conclude by this post is
Sign up for an account at gmail/yahoo/facebook/orkut/hotmail.Now forget its password and recovery options
Never login into it . Can anyhow the password be cracked/hacked.?? Answer is for sure NO.