Monday, October 21, 2013

Different types of Email Account H@cking

The Basic level H@cking is Email Account H@cking.  Everyone like to do first email account h@cking only.  So here is the tutorial for budding h@ckers about email H@cking.

There are different types of Email Account H@cking .  Here is some of them :

  1. Social Engineering
    • Phishing
  2. Brute Force Attack
  3.  Keylogger
  4.  Guessing the Answer for the Security Question

Social Engineering:

Social engineering takes advantage of the weakest link in any organization’s
information security defenses: people. Social engineering is
“people h@cking” and involves maliciously exploiting the trusting nature of
human beings to obtain information that can be used for personal gain.

Social engineering is one of the toughest h@cks to perpetrate because it takes
great skill to come across as trustworthy to a stranger. It’s also by far the
toughest h@ck to protect against because people are involved.

Social Engineering is different from Physical Security exploits . In social engineering h@ckers will analyze about
victim.  H@ckers will send mail to victim.  The contents will be related to the victim.


✓ False support personnel claim that they need to install a patch or new
version of software on a user’s computer, talk the user into downloading
the software, and obtain remote control of the system.
✓ False vendors claim to need to update the organization’s accounting
package or phone system, ask for the administrator password, and
obtain full access.
✓ Phishing e-mails sent by external attackers gather user IDs and passwords
of unsuspecting recipients. H@ckers then use those passwords to
gain access to bank accounts and more. A related attack exploits crosssite
scripting on Web forms.
✓ False employees notify the security desk that they have lost their keys
to the computer room, receive a set of keys from security, and obtain
unauthorized access to physical and electronic information.

 Phishing WebPage:

     It is a fake webpage which looks similar to the original page of the website.  Using this WebPage we can easily get the Password of victims.  The process involved in creating Phishing webpage are,
✓ First Visit the Website which is associated with the email id. Copy the Source code.
✓ Edit the the Source code such that it will store the password for you.
✓ Upload the Webpage to any free webhosting sites.  (don't select a famous hosting site,they will find that
    your page is fake). Try uploading through the proxy server.

Guessing the Answer for Security Question:
    Do you remember that the mail sites will ask for the security questions to retrieve the mail account?  You can h@ck the mail account simply guessing the answer.  If the victim is your friend ,then it may very easy to h@ck. 

Brute Force Attack:

A famous and traditional attacking method .  In this method ,the password will be found by trying all possible passwords with any program or software.


  It is one of the spyware which will capture what you type in the keyboard.  so whenever you type the username and password ,it will simply capture.

   It is software program which will be attached with any softwares and send to victim.  While victim install the software ,the keylogger also start to work.  Keyloggers are exe files.


Post a Comment