The most common problem seen these days is that our Orkut or Facebook accounts get hacked and we seek help to get them back. So why don't we have basic know-how about how to prevent getting hacked? Let's have a look at the basic methods by which we usually get hacked.
Basic Hack Methods :-
1. Human Errors
2. Fake Login Pages / Phishing.
3. Cookie Stealing/Grabbing.
4. Keylogging / KeyStroking / RATs / Trojans / Stealers.
5. Social Engineering.
Explanation :-
1. Human Errors :-
“Human Errors” is not really hacking; these are the mistakes we generally make that let an attacker or someone else take control of our accounts. The most common example is that while using the internet from a cyber cafe we accidentally or willingly save our login details in the web browser, where they can later be accessed by anyone who uses that computer. Another example is that we are too careless about our passwords and give them to our friends and cousins if they ask. In most cases they change the password to play a prank or to take some revenge, or else they act as carelessly as us and pass it on to someone who probably changes it. Or sometimes our password is so common that it can be guessed. In most cases people use their phone numbers, names, nicknames, city name or similar common things as their passwords, which can easily be guessed by anyone who knows them even a little.
2. Fake Login Pages / Phishing :-
Fake login pages, technically called phishers, are copies of an account login page that look exactly the same as the real login page. They can be really tricky, and even a person who knows about them can get phished. The attacker somehow makes you log in on that page, and you do not get even the slightest hint that your login details have been sent to the attacker.
3. Cookie Stealing/Grabbing :-
Cookie stealing or cookie grabbing is a method not used much these days by hackers, since it seldom gets them the password. They usually gain unauthorized access to your account by stealing or grabbing your cookies. How they actually do it is to send you some JavaScript, saying that if you run it you will get cool Orkut themes and stuff, or that you might unlock special features of Facebook. When you run that JavaScript your unique login cookie is sent to them, and they hijack your login session by replacing their login cookie with yours in their web browser. Sometimes it is also a website URL/link; these days one is being spread on Orkut saying Get Free Cell Fone Recharge of Rs. 500.
4. Keylogging / KeyStroking / RATs / Trojans / Stealers :-
Keyloggers are special programs that record every keystroke on the victim's computer. In easy words, a keylogger records every word and line that you type and sends it to the attacker. They might use filters in the keylogger program to capture just your account login details. But how do they install a keylogger on your computer when no one except you can access your computer? The short answer is that they install it remotely. The long answer is that they might send you some file, picture or something like that. When you open it, the keylogger is automatically installed on your computer. RATs are similar but more dangerous. Remote Administration Tools (RATs) give an attacker full access to your computer. The attacker can control your PC in every way, including accessing your hard drives, deleting or copying files, etc. Stealers, on the other hand, just send the attacker the passwords saved in your browser.
5. Social Engineering :-
Social engineering has become the most enjoyed method by attackers when it comes to hacking a specific target. What social engineering is based on is very simple. The attacker gathers all your personal information, like name, phone number, location, postal code, birth date, your favorite and personal things, etc. After gaining some of this confidential information, the attacker attempts to reset your password by answering your security questions, or by sending an email to your account company with all the details and claiming ownership of the account. The company then resets the password for the attacker after he or she has verified all the details asked.
Solutions :-
1. Human Errors :-
To prevent getting hacked by human errors, stop being stupid and careless! If someone asks for your password, do not give it to them in any case. Tell them you have private stuff in your account which you cannot share with anyone. While using the internet from cyber cafes, make sure you log out properly and that you do not save any of your passwords in any case. And whenever you are typing your passwords, make sure no one is watching.
2. Fake Login Pages :-
Whenever someone sends you a link which requests you to log in with your existing account username and password, do not log in in any case. Other sites might need your email address to mail you sometime, but they never need your password. If at some point the real login page appears, make sure it is the real link by inspecting the URL before logging in. Make sure it's http://www.google.com/accounts or http://www.facebook.com/login.php . Do not log in on any page which merely looks similar to it.
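The URL inspection described above comes down to comparing the exact host name of the link, not how the link looks. The following is an added example, not part of the original post: the allowlist holds only the two login hosts named above, and the sample links and the `login.example` host are constructed for illustration.

```javascript
// Added example (not from the original post). The allowlist holds only the
// two login hosts named in the post; every sample link below is constructed.
const LOGIN_HOSTS = new Set(["www.google.com", "www.facebook.com"]);

function checkLoginUrl(raw) {
  let url;
  try {
    url = new URL(raw); // WHATWG parser: lowercases the host, punycodes non-ASCII
  } catch (err) {
    return { ok: false, reason: "not a valid URL" };
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { ok: false, reason: "not a web link" };
  }
  // In "http://www.facebook.com@login.example/" the text before "@" is a
  // user name; the site actually contacted is login.example.
  if (url.username !== "" || url.password !== "") {
    return { ok: false, reason: "text before @ hides the real host" };
  }
  const host = url.hostname.replace(/\.$/, ""); // ignore a trailing root dot
  // Lookalike letters from other alphabets show up as "xn--" labels.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "punycode lookalike host " + host };
  }
  // Exact match only: "www.facebook.com.login.example" must not pass.
  if (!LOGIN_HOSTS.has(host)) {
    return { ok: false, reason: "host is " + host };
  }
  return { ok: true, reason: "host is exactly " + host };
}

const SAMPLE_LINKS = [
  "http://www.facebook.com/login.php",
  "HTTP://WWW.GOOGLE.COM/accounts",
  "http://www.facebook.com.login.example/login.php",
  "http://www.facebook.com@login.example/login.php",
  "http://www.faceb00k.com/login.php",
  "http://www.f\u0430cebook.com/login.php", // Cyrillic "a"
];

function checkSamples() {
  return SAMPLE_LINKS.map((link) => ({ link, ...checkLoginUrl(link) }));
}

for (const r of checkSamples()) {
  console.log((r.ok ? "OK    " : "REJECT") + "  " + r.link + "  (" + r.reason + ")");
}
```

Only the first two sample links pass; the rest contain the familiar name somewhere in the link but resolve to a different host.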
3. Cookie Stealing/Grabbing :-
Do not run any unverified JavaScript given by strangers or even friends, because your friend might not even know the harm it does. Do not open suspicious links like Get Free Recharge of 500. Think for yourself: getting a cellphone recharge of Rs. 500 for free is unreal!
4. Keylogging / KeyStroking / RATs / Trojans / Stealers :-
Do not accept file transfers from strangers or people you do not know well. Do not run any files which look harmful. Do not download files from shady websites. If you suspect some file to contain a Trojan or keylogger, simply scan it at virustotal.com . Only if the file is 100% clean and not detected by even a single anti-virus should you run or execute it.
5. Social Engineering :-
Try to keep your personal information well hidden. In most cases, do not give your personal information where it is optional. If there is an option to hide your birth year or birth date, then do hide it. If it is not contrary to the site's terms and conditions, use unreal information. Do not share confidential data with anyone on the internet.