Do you get scared when you hear the word ‘hacked’ ?
Does this word give you Goosebumps when you get to hear that your friend’s mail account just got hacked by an unknown person. And it might scare you even more when that account is used for some unethical purposes. If that is the case, then you need to know that one of the best methods to protect yourselves is awareness.
How they do it?
They are not magicians or some serious nerds sitting in a dark basement with many computers and powerful programs loaded on them as seen in Hollywood movies. They are just ordinary guys like you.
Neither is it that that social network or email company is so foolish that they allow hackers to hack them. They spend millions of dollars on their network security and majority of them are almost impenetrable.
It’s only you who allows them to hack your accounts!
Almost everyone today has got an email id or has an account on Facebook or some another social network. And every next day we hear that somebody’s Facebook account got hacked. As cyber security and privacy are important issues nowadays, we need to be well informed about these things and how to protect ourselves from these kind of hacking attacks.
So let’s proceed.
How and where your passwords are stored?
You should keep one thing in mind, the passwords you provide while registering anywhere on a mail service or a social network stays in only two places.
1. Website database (website database server)
2. In your mind (unless you have told your girlfriend/boyfriend)
It’s not stored anywhere else on your PC, web browser or in cookies or cache memory.
And hacking into a major mail providers website database is almost impossible as they spend millions and millions on their security and regularly check for any vulnerability or bug. So method 1 will not work. If someone claims to do so, they are totally fooling you. Every method directly/indirectly involves victim’s carelessness/lack of knowledge.
How they hack your account?
I can classify the ways of hacking someone’s Facebook account or any other mail accounts into 4 methods or ways.
The most major one is,
This is a special kind of software which logs your every keystroke and sends them anonymously to the hacker. They remain hidden and work in the background within Windows every time a computer starts up.
Thus when you type your email address and password in the login page, it gets recorded and secretly sent to the hacker. So how does this nasty software get installed in your computer?
Here USB drives and the internet play a major role. The hacker might send that Trojan through a mail attachment. It might seem an ordinary file to you, with nothing suspicious about it. But once it gets into your system, you are done! You might have downloaded different pirated software or cracks from various file hosting or torrents and it might come infected with Trojans or keyloggers as legit software. But don’t always trust them. Or it might arrive in your PC from your pen drive that the hacker has arranged for.
2. Social engineering
Many of you keep common passwords like your girlfriends/boyfriends name attached with your name, your birth date or your pet name or your mobile number, which makes it easy to guess the password. And you all know your password can be recovered from recovery options. If the hacker knows you personally, it’s not that tough for him to guess your security question or password, if you keep an easy one.
One of the most widespread and best method to get passwords. You might get an unknown link on a chatroom or inbox to login there as the company wants to check something or you can earn money from it. Never trust them. Facebook or any other company would never ask you to login through a special link or something. Always check your URL/Address bar if the address is the same as the website. The attacker might make a fake page of the website login page that looks exactly the same as the original website login page, host it somewhere and then send it to you. As you enter your login details the login info gets stored and you get redirected on the original website as nothing happened. So always check the website URL bar before logging in.
4. Session hijacking or cookie stealing
When you login on a website, it provides you with a cookie which tells the website that the respective user is online from his PC and his activities on the website . If the attacker somehow gets this cookie, he would be able to open your account without providing a password. This works well on WiFi or LAN networks. There is also a software named ‘firesheep’ for it. But you can protect yourselves by using https while on a login page. It’s generally overlooked and the consequences can be dangerous. You can protect yourself from this kind of attack by using encrypted connections.
Personal Note – These are very basic and most common methods used by hackers to hack you. It is a very vast topic and just not limited to these. I will soon start a new section about ‘Advance hacking’ where I would discuss about every advanced topic and in much detail. One more request to you – please don’t ask me to hack your bf/gf account. It’s a very irritating question and I would not accept your request in any case!
In my next post I will Teach you how not to get hacked. Till then stay tuned 😉