Hii Friends, today I am going to share most important article for the beginners who have just started exploring hacking and for people who aren't interested in learning hacking but needs somebody's account password anyhow. I want you to aware about common misconceptions in regarding Email/Social Networking Sites about online accounts hacking.
Otherwise those thoughts/misconceptions/articles/Blogs can seriously put you in trouble. We usually start like googling this, "how to hack gmail", "softwares for hacking orkut", "how to hack facebook"… etc but unfortunately reach some malicious websites, follow stupid instructions and our own accounts get hacked.
Otherwise those thoughts/misconceptions/articles/Blogs can seriously put you in trouble. We usually start like googling this, "how to hack gmail", "softwares for hacking orkut", "how to hack facebook"… etc but unfortunately reach some malicious websites, follow stupid instructions and our own accounts get hacked.
When I was a beginner, my rediffmail account gets hacked because of lack of awareness or knowledge.
Okay talking in general, suppose you just have signed up for an account (gmail, yahoo or any other reputed website). Your password is stored only at two places: -
Okay talking in general, suppose you just have signed up for an account (gmail, yahoo or any other reputed website). Your password is stored only at two places: -
· In website's database
· In your mind
(Don’t say a stupid thing that it is also saved in a text file on your PC or in your girlfriend's mind etc)
(Don’t say a stupid thing that it is also saved in a text file on your PC or in your girlfriend's mind etc)
Stealing your credentials (Id/password) from website's database is almost impossible. Company like Microsoft, Google, Yahoo, Facebook…ect are paying millions of dollars for securing their systems. Hard Core hackers might get success.
Now talking about your mind, it might be really very simple to do this with the help of Social Engineering.
Now talking about your mind, it might be really very simple to do this with the help of Social Engineering.
Shocked?
At this point, I must say that hacking an email account depends strongly on carelessness/foolishness of victim.
FAQs or misconceptions regarding the following points:-
· Does any free/paid software/program/cracker exist to hack such accounts?
No ...You might get numberless free or premium software’s which claim to crack email accounts. The software’s just ask you to enter victim's email and start cracking/generating password.
I have already told you about two places where one's password is. From where the hell, these softwares would bring passwords for you? This kind of stuff is undoubtedly scam/rubbish.
I have already told you about two places where one's password is. From where the hell, these softwares would bring passwords for you? This kind of stuff is undoubtedly scam/rubbish.
· Is there any free/premium online service to hack such accounts?
No... You might have logged on to many websites that claim to crack any email account for some amount of money. They are completely fraud and be aware of them. Don’t lose your money there!!
No... You might have logged on to many websites that claim to crack any email account for some amount of money. They are completely fraud and be aware of them. Don’t lose your money there!!
· Another type of fraud: -
You might have come across many tutorials/videos that instruct you to compose an email to something@something.com. You are asked to write victim's email ID, your email ID, your password and are assured that you would get requested password within 24 hours.
Needless to say, it is an idea of befooling innocent people. Of course, your own account gets hacked.
Needless to say, it is an idea of befooling innocent people. Of course, your own account gets hacked.
Believe me, you can’t imagine the number of people who become victim of such rubbish things. They lose their money, time, accounts but get nothing in return. So take care.
The above all points are examples of one type of Hacking known as “Social Engineering - Art of Manipulation”
How to hack these accounts?
Every method directly/indirectly involves victim's carelessness/lack of knowledge.
· Non-Technical : -
While signing up for an account, we are asked to set a security question like our nickname, birthday place etc so that we could recover our account in case we forget our password. Many innocent people sets the correct answer which they are not supposed to do. Gather some information about victim and try to guess the answer of security question is very simple.
· Technical-
1. Phishing - The most common way of hacking them is phishing. The common type of phishing is Fake Login Page. The victim is anyhow anyway made to enter his credentials in fake login page which looks like genuine login page and gets hacked. Read More here.
2. Malicious files - The victim is given a malicious file. It could be binded with or hidden behind a genuine file. It is usually a keylogger or trojan. A keylogger secretly records everything you type and sends to attacker. Obviously records your passwords too. Read more here.
3. Stealing Sessions - Talking in simple language, whenever we sign into an account it generates a unique piece of string. One copy is saved on server and other in our browser as cookie. Both are matched every time we do anything in our account. This piece of string or login session is destroyed when we click on 'Sign Out' option. An attacker can steal that session by convincing victim to run a piece of code in browser. Attacker can use that stolen session to login into victim's account without providing any username/password. This attack is very uncommon because when the victim clicks 'Sign out', session gets destroyed and attacker too also gets signed out. Read more here.
Note-You might be thinking that one could sniff the credentials sitting in same network. But I should remind you that, they would be encrypted ones and cracking the SSL encryption is almost impossible.
Conclusion: -
Sign up for an account at gmail/yahoo/facebook/orkut/hotmail. Now forget its password and recovery options. Never login into it. Can anyhow the password be cracked/hacked.?? Answer is big NO.
Sign up for an account at gmail/yahoo/facebook/orkut/hotmail. Now forget its password and recovery options. Never login into it. Can anyhow the password be cracked/hacked.?? Answer is big NO.
So, this is one more awareness article share by TRICKS4INDYA & some of the previous awareness articles are: -
Main aim of TRICKS4INDYA to post awareness article is to make aware you from cybercriminals / Hackers. If you know above tricks written in these articles then I think you are update & very less chance to become victim of cybercriminals / Hacker. As I told you one of the best methods to protect yourself is “Awareness”.
Kindly Share this knowledge with as many people as you can and aware them about the misconceptions.Feel free to mention your queries/doubts in comments. Keep Learning.
Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.
If you want to keep up-to-date on the Ethical Hacking Tutorials news, latest Tips & Tricks, latest scams & most important awareness and are a member of Facebook, don't forget to Join the Tricks4indya Facebook page to keep informed about the latest security.