Not many people realise that there is no software that will hack an email account for you simply by entering the email address of the person you want to hack; at least, none is made available to the general public. Here I will discuss the basic methods black hat hackers often use to get hold of a person’s email account or other web accounts, and how you can take preventive measures against these attack methods. Please note that this is not a step-by-step guide to hacking online accounts.
How Do They Hack These Accounts?
These are the widely used tactics to hack web accounts and other password-protected accounts.
1. Brute Forcing
What is Brute Forcing?
Brute forcing is a method of guessing passwords. It is done with dedicated applications like Brutus or John the Ripper. These tools work in three modes:
- Brute Forcing: This takes time but guarantees the password hack. It is done by trying combinations of all the letters and character keys on the keyboard. This usually takes a huge amount of time; for example, breaking a strong password might take months to years. It all depends on the level of password strength and the processing power of the system used to brute force.
- Dictionary Attack: In this mode a predefined dictionary of common passwords is loaded into the application, and the software tries all the passwords in the list.
- Combo Attack: This is a special type of dictionary that contains usernames along with passwords; the software tries their combinations.
Preventive measures:
- Use a strong password that includes a combination of letters, numbers and symbols.
- You can also install the LastPass password manager to generate and save unique, strong passwords for your accounts.
2. Keylogging
What is Keylogging?
Keylogging is the act of capturing the keystrokes pressed on the keyboard. Keyloggers are spyware programs that secretly track you without showing any signs of their existence (up to an extent).
What do they do?
These loggers keep a log file on your computer (obviously hidden) with the keystrokes and screenshots they have logged while you typed. Then, the next time you connect to the Internet, these logs are sent to the hacker’s email or FTP account.
Preventive measures:
- Don’t click on suspicious links or downloaded files.
- Must Read: How to Use Sandboxie to Prevent Keylogger Infections
3. Phishing
What is Phishing?
Phishing is a method of tricking a person into entering his login credentials on a fake website that resembles the original website in looks but not in function. These websites are usually exact replicas of the original website, but since the original domain is already registered, they end up using similar looking or sounding domain names, such as faceboook.com (notice the extra ‘o’ in it), to trick you into entering your details.
How does it work?
Preventive measures:
- Check the address bar of your browser and confirm that you are on the correct page before entering your login credentials.
- Beware of pages asking for Java Access.
- Install McAfee Site Advisor to dodge malicious sites.
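The address-bar check described above can also be automated. The following is an added example, not part of the original article: it classifies a login URL against a list of domains you actually use and flags near misses such as faceboook.com. The `TRUSTED_DOMAINS` list, the function names and the distance threshold are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist for this example: domains the user really logs in to.
TRUSTED_DOMAINS = {"facebook.com", "google.com", "twitter.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: inserts, deletes and substitutions to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute ca with cb
        prev = cur
    return prev[-1]


def classify_login_url(url: str, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike:<domain>' or 'unknown' for a login page URL."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "unknown"
    # Exact match, or a genuine subdomain of a trusted domain.
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return "trusted"
    # Trusted name buried at the front of another domain,
    # e.g. facebook.com.login-check.example
    for domain in TRUSTED_DOMAINS:
        if host.startswith(domain + ".") or ("." + domain + ".") in host:
            return "lookalike:" + domain
    # Near miss on the last two labels, e.g. faceboook.com vs facebook.com.
    # Assumption: two labels approximate the registered domain (ignores co.uk etc.).
    registered = ".".join(host.split(".")[-2:])
    for domain in sorted(TRUSTED_DOMAINS):
        if 0 < edit_distance(registered, domain) <= max_distance:
            return "lookalike:" + domain
    return "unknown"
```

A result of `unknown` only means the host is not close to anything on the list; it says nothing about whether the site is safe.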
4. Social Engineering
What is Social Engineering?
This is a pretty old but effective method. In this method the attacker talks to the person whose password he wants to reveal and extracts as much information as he can, like the length of the password, hints, etc., and then uses this information to attack the user’s account. Attackers can use this information to reset your password and then later change your password reset options so that you are completely locked out of your account.
Preventive measures:
- Common sense.
- Do not share your private details, like your mother’s maiden name, with strangers.
5. Fake Software
What is this?
Suppose you open up your email one day and there is a mail saying you are being given free software that claims to hack any email account whose email ID you enter into it. You are so excited that you download the software instantly and fire up the app. But it is actually a backdoored Trojan and/or keylogger, and you end up losing your own password. You will learn more about Trojans below.
Preventive measures:
- Do not download unwanted software.
- Do not download from untrusted sources.
- Scan files with multiple antiviruses before opening them.
6. Remote Administration Tools [RAT]
What are RATs?
RATs, or Remote Administration Tools, are software like Trojans that give a hacker remote access to your computer. He can then use your computer just like his own from his PC. RATs can also be embedded in other malicious content like keyloggers, spyware, etc.
Preventive measures:
- Similar to the ones I shared for Keyloggers.
- If you find any suspicious processes in your Task Manager process list, scan your computer.
These were the most commonly used methods to hack web account passwords.