How email accounts get “hacked”
Alex HD at
HostingXtreme on 2013-04-11. Comments Off on How email accounts get “hacked”
How email accounts get “hacked”
At HostingXtreme, we are often asked to help out our clients or friends for recovering from a hacked email account, including Yahoo, Hotmail and GMail.
Although we had covered this in our previous newsletters, we have come up with a list of Frequent and Important questions that “victims” ask us.
Here’s the list:
- Who “hacked” into my account?
Typical compromised email accounts have a truck load of emails going out to email addresses around the world, including to the victims entire contact list. The “hackers” are usually people not known to the victim and have picked the victim randomly.
- What do these “hackers” want?
The erstwhile hacker wanted nothing more than another email account to advertise his goods by sending spam mail. Eg: Watches, Pills, Air Tickets etc.
However, in recent times, hackers have used compromised email accounts to do much more.
From conning people into lending the victim (read hacker) money, to collecting botnets (see below), the modern hackers are getting smarter.
- How did they “hack” into my account? My password is stronger than supercalifragilisticexpialidocious
Having a strong password, is very important, but not the only security measure.
Common methods of getting your email address “hacked” include:
* Using a pirated operating system from a shady friend. Most of the DVDs are “pre-infected” with the latest trojan, so you dont need to look far.
* Using a pirated Anti-Virus which wont allow updates.
* Logging into a malicious Social Networking App on your mobile phone.
* Clicking on suspicious email links which place filters in your email account to forward all your email.
* Clicking on suspicious email links which capture your password when you reenter it on their website (phishing) is most common
* Using a cyber cafe computer with friendly advertising pop-ups and key loggers to record every keystroke.
* Allowing users to “shoulder-surf” while you are entering your password. Anybody looking over your shoulder or sitting next to you may see what password you are typing in.
* Announcing your password knowingly or unknowingly.
- I have the most expensive Anti-Virus and Trojan Buster in the world. I still got hacked!
Modern victims receive a suspicious mail claiming to have come from their service provider (like Yahoo or Hotmail) and then asking them to re-verify their account by entering their login details in a form that comes up.
When they do this, they have just sent their password to the hackers. This tactic is called phishing and is also commonly used to steal Credit Card information.No matter how much security software is used, the email address user is the weakest link and easiest to compromise.
- Whose fault is it?
More than 99% of the time, it is the fault of the owner of the email address.
Either they did not have an active anti-virus on their computer or they simply gift-wrapped the password to the hacker.
- Why do you use the word “hacked” or “hacker” in double quotes?
It is quite amusing to hear what email hacking victims think about “hackers”. Its always a very Hollywood-like story.
The original hackers were very intelligent computer geeks who could bypass a computer system’s security using technical tools and tactics.
Nowadays the term “hacker” loosely refers to a con artist or person who uses deception to gain access to computers or email accounts.
In such cases, it is mostly the victim who has allowed the system to be compromised, due to their own negligence, ignorance or carelessness.
- My friends email got hacked too. Now what?
Check out our article on First-Aid tips to recover a compromised email address.
- What Anti-Virus do you recommend for my office or home? What Operating System should I have?
* Any good Anti-Virus which has the latest updates, should do the trick. Make sure you scan you machine regularly and keep the A-V updated.
* The same goes for your Operating System, it should not make a difference.
Our personal preference is Ubuntu Linux due to its low maintenance and cool free Apps and Interface. Linux machines are less prone to malicious software or virus attacks.
While this information may seem over-hyped and causing paranoia, it will be more pleasant to secure your systems, rather than hear the “I told you so” from your friends.
We are always ready and willing to advise anyone with a compromised account.
Its time you looked at updating your passwords and ensuring that your computer is not part of the next spam botnet.