Wednesday, 21 May 2014

How Hacker Hack Email IDs!

Hello guys, today I am going to write about how hackers hack email IDs and spoof into them for personal information of the victim. I will mention all the methods used by hackers which will help you understand the basic idea about it. You might have a doubt about what advantage a hacker can gain  hacking an email id and spoofing in that. A hacker will be able to steal money, hack into a web server, access victim’s bank account etc just by hacking an email id! Surprised? Yes that’s true a hacker can gain access into all of them. If you still don’t believe this then read this…

How Hacker Hack Email IDs!

While practicing with my skills once I hosted a fake page on a public computer which was linked to my email! I constructed the page in such a way that once a victim enters his username, password and hits “log in” he will be redirected to his inbox but his username and password will be sent to my email id. I got a victim in my trap and I entered into his email account then I saw that he was an internet banker and hence his bank account was linked to his email. I simply sent a mail to the bank contact person and i received his personal data related to the bank. This way I was able to access his bank account and also was able to shop online by using his bank info.
So here are the methods used by hackers to hack an email id.

Method 1: Fake mail
This is the basic method employed by laymen to hack an email id. Hackers do not use this method unless the victim is a fool. You just have to send a mail containing false info and ask them to mention their username and password in the reply to get the access into that service which you mentioned in your mail!
This trick is not so efficient therefore hackers don’t prefer this method. You don’t have to be a hacker to perform this type of attack because this is just like a child’s play. This trick works only if you are able to fool the victim properly.

Method 2: Keylogging
This is the best method to hack an email id. You just need a keylogger which will send you every keystroke of the victim. You will have to pass a link containing the keylogger and it automatically gets installed in the victim’s computer. You have to find the best keylogger for employ this type of trick.There are keyloggers which work remotely and available online.
A professional hacker is capable of writing his own keylogger but if you are not one of them then you have to buy a keylogger online. If you have physical access to victims computer then you can upload a keylogger yourself and then later check out the keystrokes.

Method 3: Cookie Stealing
Cookie is a piece of text stored on victim’s computer by websites visited by the user. This stored cookie is used by web server to identify and authenticate the user. So, if you steal this cookie (which is stored in victim browser) and inject this stolen cookie in your browser, you can imitate victim identity to web server and enter his email account easily.
A hacker steals a session of the victim and logs into his email without giving the victim an idea about the stolen cookie. This is called Session Hijacking/ Cookie stealing

Method 4: Phishing
This is the trick I used in hacking the victim’s id which i mentioned above in the example! This is very simple trick, you just have to create a web page of the login form which exactly looks like the email service. Then you have to host it on a public server and send it to victim. When a victim uses that page to login his email and password will be sent to you via email!
To hack an email using phishing you must have a basic knowledge on HTML or there are many online tools which will automatically create a fake page. If you want to be a pro hacker then you must learn HTML and create a page.

Method 5: Remote Administration Tools
This is similar to keylogging! Remote Administration Tools (RAT) is the remote keylogging. Here you do not have physical access to the victim’s computer, but you still install it without alerting the victim about it.A keylogger software will operate in a complete stealth mode and thus remains undetected.

Method 6: Malware/ JavaScript
 A hacker writes a simple code which is referred as malware or JavaScript. Once the code is executed on the victim’s computer his credential data is sent to the hacker through the internal ports. A hacker saves the code on a web page which is later sent to the victim, when the victims opens the web page the code automatically executes and his system get vulnerable to the attacks.
So these are the common methods used by a hacker to hack into an email id. In my later articles I will describe each method with an example, so stay updated.

No comments:

Post a Comment