The Basic level Hacking is Email Account Hacking. Everyone like to do first email account hacking only. So here is the tutorial for budding hackers about email Hacking.
There are different types of Email Account Hacking techniques here I am giving some of them :
Social engineering takes advantage of the weakest link in any organization’s information an keep a trap to collect more secure information. Social engineering is physically “people hacking” technique and involves maliciously exploiting the trusting nature of human beings to obtain information that can be used for personal gain.
Social engineering is one of the toughest hacks to perpetrate because it takes great skill to come across as trustworthy to a stranger. It’s also by far the toughest hack to protect against because people are involved.
Social Engineering is different from Physical Security exploits. In social engineering hackers will analyze about victim. Hackers will send mail to victim. The contents will be related to the victim.
There are different types of Email Account Hacking techniques here I am giving some of them :
- Social Engineering
- Phishing
- Brute Force Attack
- Keylogger
- Guessing the Answer for the Security Question
Social engineering takes advantage of the weakest link in any organization’s information an keep a trap to collect more secure information. Social engineering is physically “people hacking” technique and involves maliciously exploiting the trusting nature of human beings to obtain information that can be used for personal gain.
Social engineering is one of the toughest hacks to perpetrate because it takes great skill to come across as trustworthy to a stranger. It’s also by far the toughest hack to protect against because people are involved.
Social Engineering is different from Physical Security exploits. In social engineering hackers will analyze about victim. Hackers will send mail to victim. The contents will be related to the victim.
Example:
✓ False support personnel claim that they need to install a patch or new version of software on a user’s computer, talk the user into downloading the software, and obtain remote control of the system.
✓ False vendors claim to need to update the organization’s accounting package or phone system, ask for the administrator password, and obtain full access.
✓ Phishing e-mails sent by external attackers gather user IDs and passwords of unsuspecting recipients. Hackers then use those passwords to gain access to bank accounts and more. A related attack exploits cross-site scripting on Web forms.
✓ False employees notify the security desk that they have lost their keys to the computer room, receive a set of keys from security, and obtain unauthorized access to physical and electronic information.
Phishing Web Page:
It is a fake webpage which looks similar to the original page of the website. Using this Fake Web Page we can easily get the Password of victims. The processes involved in creating Phishing webpage are:
✓ First Visit the Website which is associated with the email id. Copy the Source code.
✓ Edit the Source code such that it will store the password for you.
✓ Upload the Webpage to any free webhosting sites.
Try uploading the Fake web site through the proxy server.
Brute Force Attack:
A famous and traditional attacking method is Brute Force Attack. In this method, the password will be found by trying all possible passwords with any program or software tools, which are available plenty on internet.
Keyloggers:
It is one of the spyware software program hides it self inside the system, When user type anything from his keyboard it will capture and send it to the remote user. This software program which will be attached with any softwares or photos or images as hidden file and then send to victim through email. When victim open the file or click on picture or image then automatically keylogger program installed on victims computer, without his knowledge. Then it starts working in background without knowledge of victim and send the username, passwords, bank account details etc to remote user in regular intervals.
Guessing the Answer for Security Question:
Do you remember that the mail sites will ask for the security questions to retrieve the mail account? You can hack the mail account simply guessing the answer. If the victim is your friend, then it may very easy to hack. There are software tools and dictionaries are available on internet.
✓ False support personnel claim that they need to install a patch or new version of software on a user’s computer, talk the user into downloading the software, and obtain remote control of the system.
✓ False vendors claim to need to update the organization’s accounting package or phone system, ask for the administrator password, and obtain full access.
✓ Phishing e-mails sent by external attackers gather user IDs and passwords of unsuspecting recipients. Hackers then use those passwords to gain access to bank accounts and more. A related attack exploits cross-site scripting on Web forms.
✓ False employees notify the security desk that they have lost their keys to the computer room, receive a set of keys from security, and obtain unauthorized access to physical and electronic information.
Phishing Web Page:
It is a fake webpage which looks similar to the original page of the website. Using this Fake Web Page we can easily get the Password of victims. The processes involved in creating Phishing webpage are:
✓ First Visit the Website which is associated with the email id. Copy the Source code.
✓ Edit the Source code such that it will store the password for you.
✓ Upload the Webpage to any free webhosting sites.
Try uploading the Fake web site through the proxy server.
Brute Force Attack:
A famous and traditional attacking method is Brute Force Attack. In this method, the password will be found by trying all possible passwords with any program or software tools, which are available plenty on internet.
Keyloggers:
It is one of the spyware software program hides it self inside the system, When user type anything from his keyboard it will capture and send it to the remote user. This software program which will be attached with any softwares or photos or images as hidden file and then send to victim through email. When victim open the file or click on picture or image then automatically keylogger program installed on victims computer, without his knowledge. Then it starts working in background without knowledge of victim and send the username, passwords, bank account details etc to remote user in regular intervals.
Guessing the Answer for Security Question:
Do you remember that the mail sites will ask for the security questions to retrieve the mail account? You can hack the mail account simply guessing the answer. If the victim is your friend, then it may very easy to hack. There are software tools and dictionaries are available on internet.
