Nowadays email have become very essential in bussiness transaction,sharing vital info and keeping contacts.So,when an email account get hacked or compromised it become complete nightmare on part of the innocent user to recover it back.Today i have come up with this article to let you all know about common email hacking methods that can be employed.If a person know in what way he/she can be fooled or can be put in a trap before hand then he/she can adapt some preventive measures to overcome it and in that way can omit or avoid that attack.A very important thing i want to let you all know that email account cannot be hacked solely by the attacker but in some way or other the attacker needs the help of the user,the sense of the word "help" means the user has to do some fault or unknowingly do some mistake like click on some link sent by the attacker.
So let start with common email hacking methods:
Learn how to Hack a Facebook Account
(See the complete procedure)
PREVENTION:
-Always type the complete url of the intended webpage fo login.
-Use Anti-virus which has web browser integration facility to combat phishing like Bitdefender,Kaspersky.
-Never click a link in an email before verifing its authenticity.
2.RATS:
It is called the "Remote Administration Tools".It is a bit difficult process compared to phishing and its rate of success is also less.Nowadays one can find these tools installed hidden in the cybercafe so whenever you logging to your email account in a cybercafe do it at your own risk.These RATS can also be named as "password stealers".
Learn how to do this with ease.
PREVENTION:
-Avoid using email account in cybercafe and follow the security tips I mentioned.
-Never save your password in the web browser or click the remember password option.
-Use an updated Anti-Virus if possible an internet security package.
3.KEYLOGGING:The attacker deploy a software or hardware keylogger and monitor all the keystrokes of the user.The software keylogger is binded with many torrent files and online downloads.
(See the complete procedure)
PREVENTION:
-Scan the file with "Dr.Web link checker" before downloading.
-Scan the file with online multiple anti-virus engine ie. www.novirusthanks.org
-One can use anti-keyloggers like ZEMANA,KEYSCRAMBLER etc
4.SOCIAL ENGINEERING:
"Forgot password attack" is a form of social engineering,here the attacker tries to guess the security question of the email account and in that way reset the password and put his/her own password and login into the account.Here the attacker tries to compromise the account by penetrating the human intelligence.Social engineering was popularize by hacker turned consultant KEVIN MITNICK.
PREVENTION:
-Always give a very personal and difficult security question.
-Always give a secondary email address in the email account.
-Never leak out your personal and private details to any stranger or a person you do not trust.
5.SIDEJACKING:
An attacker can use this method to access the user's account without even knowing the password.Here the attacker can capture the seesion cookies to login to the account.Recently the addon of firefox called Firesheep was on news for this type of attack and we posted a tutorial on it.
PREVENTION:
-SSH tunneling is a very good option to avoid this type of attack.
-Use a VPN when access internet from a public wifi hot spot.
-It is recommended not to access personal accounts through public wifi.
6.FROM THE MAIL SERVER:
This is a method where the attacker need to be very professional and he/she doesnot need the help of the user to crack into the account,the attacker penetrates the google server and retrieves the password for the corresponding username.
So let start with common email hacking methods:
1.PHISHING:
One of the most successful Social engineering method of email hacking which employs spoof web pages or fake web pages inorder to fool the legitimate user.The attacker create pages which look excatly like the real one so, the user is fooled and login into it and in that process gives away his/her password to the attacker.(See the complete procedure)
PREVENTION:
-Always type the complete url of the intended webpage fo login.
-Use Anti-virus which has web browser integration facility to combat phishing like Bitdefender,Kaspersky.
-Never click a link in an email before verifing its authenticity.
2.RATS:
It is called the "Remote Administration Tools".It is a bit difficult process compared to phishing and its rate of success is also less.Nowadays one can find these tools installed hidden in the cybercafe so whenever you logging to your email account in a cybercafe do it at your own risk.These RATS can also be named as "password stealers".
Learn how to do this with ease.
PREVENTION:
-Avoid using email account in cybercafe and follow the security tips I mentioned.
-Never save your password in the web browser or click the remember password option.
-Use an updated Anti-Virus if possible an internet security package.
3.KEYLOGGING:The attacker deploy a software or hardware keylogger and monitor all the keystrokes of the user.The software keylogger is binded with many torrent files and online downloads.
(See the complete procedure)
PREVENTION:
-Scan the file with "Dr.Web link checker" before downloading.
-Scan the file with online multiple anti-virus engine ie. www.novirusthanks.org
-One can use anti-keyloggers like ZEMANA,KEYSCRAMBLER etc
4.SOCIAL ENGINEERING:
"Forgot password attack" is a form of social engineering,here the attacker tries to guess the security question of the email account and in that way reset the password and put his/her own password and login into the account.Here the attacker tries to compromise the account by penetrating the human intelligence.Social engineering was popularize by hacker turned consultant KEVIN MITNICK.
PREVENTION:
-Always give a very personal and difficult security question.
-Always give a secondary email address in the email account.
-Never leak out your personal and private details to any stranger or a person you do not trust.
5.SIDEJACKING:
An attacker can use this method to access the user's account without even knowing the password.Here the attacker can capture the seesion cookies to login to the account.Recently the addon of firefox called Firesheep was on news for this type of attack and we posted a tutorial on it.
PREVENTION:
-SSH tunneling is a very good option to avoid this type of attack.
-Use a VPN when access internet from a public wifi hot spot.
-It is recommended not to access personal accounts through public wifi.
6.FROM THE MAIL SERVER:
This is a method where the attacker need to be very professional and he/she doesnot need the help of the user to crack into the account,the attacker penetrates the google server and retrieves the password for the corresponding username.
Email hacking Methods
Reviewed by Satyajit (Admins,a.k.a Satosys)
on
Thursday, June 17, 2010
Rating:
No comments: