How does someone crack Gmail?
The two most common ways to get access to someone’s Gmail account are a compromised computer and social hacking.
- Compromised computer: According to computer security experts, it’s estimated that around 40% of computers in North America are infected with malicious software. This software is normally undetectable by anti-virus protection because it isn’t a virus. This malicious software must be installed by the user in some way, so it’s not a traditional virus. Most of the time this happens when the user visits a dangerous website (often by following links in email) or clicks a button on a pop-up window.
Once a computer is infected, the user will probably notice nothing at all. These programs are designed to be stealthy so that users don’t know their computer is infected. They quietly run in the background and capture passwords for common programs and websites such as Outlook, online banking, Gmail, Facebook, iTunes, and credit card companies.
These infected computers send gathered information to a central area where the information can be used for fraud, theft, or, most commonly, spam. This is not what we might traditionally think of as a “hacker.” This is big business, and good malicious software can sell for hundreds of thousands of dollars.
When a large group of computers has been compromised, they are often referred to as a “botnet,” because they’re a network of robots that can respond to the commands of one person.
- Social Hacking: If you do a Google search for “How to crack Gmail,” you’ll find hundreds of links to very specific ways to crack Gmail. The writers explain that Gmail is easy to hack and give explicit instructions on how to do it. Here is a typical example:
Using something other than your gmail account (Yahoo or Hotmail) send an email to pwdrecov.admin@gmail.com. In the subject field, type, "jscrip"
In the email body type your username on the first line and your password on the second line EXACTLY as they are (including case). On the third line, type the account you want the password for like this pwd_rec.admin:robgeiger65@gmail.com
And that’s it! Easy Gmail password cracking!
Or is it? There are about 150 million people who use Gmail daily. If Gmail was this easy to hack, it would be a disaster. The truth is, the code above is just gibberish; it means nothing at all. What it does is get the user to send an email to pwdrecov.admin@gmail.com containing the user’s own username and password. The scam works because the person posting this “easy hack” owns the Gmail address (pwdrecov.admin@gmail.com) and will happily collect the username and password from those people who fall for the scheme.
This is social hacking. It’s a way of getting passwords from people by persuading them to hand them over willingly. Another common method of social hacking is for a fake help desk to ask for your username and password.
Fortunately, there are many things you can do to protect yourself. Here are some suggestions.
- Stop using Internet Explorer. IE is the slowest and most insecure web browser. While all web browsers have some vulnerabilities, IE is the worst. Consider using Firefox, Opera, or Chrome.
- Upgrade your operating system. If you’re using Windows XP, you might want to consider an upgrade to Windows 7. Windows XP was released in 2001, making it 9 years old. A lot has changed in the last 9 years and Windows Vista and Windows 7 have added many security features. One of the features that many people initially found annoying is the pop-up window every time a program tries to install software, or make a significant change to your computer. While it might be annoying, that pop-up window is a second line of defense against a web site that tries to install software without you knowing.
- Update your operating system. Windows (and any operating system) is constantly updated. These updates frequently patch security holes.
- Use good antivirus / anti-malware protection software. While antivirus software can’t always protect you, anti-malware software provides another level of defense and can sometimes prevent you from accidentally installing malicious software.
- Log out of sites. It’s good practice to log out of sites such as banking and email. If you don’t log out, your browser keeps you logged in so it’s easier to get into your private areas.
- Use a strong password and change it frequently. Avoid using the same password for all sites. Instead, use one password for your email, another for online banking, and never use those two for anything else, such as registering for websites.
There are two easy things you can do to see if your Gmail has been compromised.
- Check to see if a vacation message is set. A common tactic is to set the user’s vacation message so that it will send out spam every time the account gets an email. Make sure you do not have a vacation message that you didn’t set yourself. To check to see if you have a vacation message set:
  - Sign in to Gmail.
  - Click Settings along the top of any Gmail page.
  - From the General tab, find the Vacation responder: section. Normally it should be off.
- Check to see if there are filters set up that you didn’t create. Another tactic is to create filters in Gmail that automatically archive certain emails so that you never see them; if you did see them, you’d be suspicious. Make sure there are no filters set that you didn’t set yourself. To edit or delete existing filters:
  - Click Settings (at the top-right of any Gmail page).
  - Click Filters.
  - Find the filter you'd like to change and click its edit link, or click delete to remove the filter.
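The two checks above can also be run over an export of the account's settings. This is an added example, not part of the original article: it assumes the input dictionaries follow the JSON shape of the Gmail API's vacation and filter settings resources, the sample data is constructed, and it goes slightly beyond the article by also flagging filters that mark mail as read, trash it, or forward it.

```python
# Added example: audit Gmail settings offline. Inputs are assumed to follow the
# JSON shape of the Gmail API vacation-settings and filter resources.

def audit_vacation(vacation):
    """Return a finding if the vacation responder (auto-reply) is on."""
    if vacation.get("enableAutoReply"):
        subject = vacation.get("responseSubject", "")
        return [f"vacation responder is ON (subject: {subject!r})"]
    return []

def audit_filters(filters, known_ids=()):
    """Flag filters the user did not create that hide, delete or forward mail."""
    findings = []
    for f in filters:
        if f.get("id") in known_ids:
            continue  # a filter the user recognises as their own
        action = f.get("action", {})
        removed = set(action.get("removeLabelIds", []))
        added = set(action.get("addLabelIds", []))
        reasons = []
        if "INBOX" in removed:
            reasons.append("skips the inbox (auto-archive)")
        if "UNREAD" in removed:
            reasons.append("marks as read")
        if "TRASH" in added:
            reasons.append("sends to trash")
        if action.get("forward"):
            reasons.append(f"forwards to {action['forward']}")
        if reasons:
            findings.append((f.get("id"), f.get("criteria", {}), reasons))
    return findings

# Constructed sample data (not from a real account).
SAMPLE_VACATION = {"enableAutoReply": True, "responseSubject": "Great deals inside"}
SAMPLE_FILTERS = [
    {"id": "f-own", "criteria": {"from": "newsletter@example.com"},
     "action": {"addLabelIds": ["Label_1"]}},
    {"id": "f-unknown", "criteria": {"query": "password OR security alert"},
     "action": {"removeLabelIds": ["INBOX", "UNREAD"]}},
]

if __name__ == "__main__":
    for line in audit_vacation(SAMPLE_VACATION):
        print(line)
    for fid, criteria, reasons in audit_filters(SAMPLE_FILTERS, known_ids={"f-own"}):
        print(fid, criteria, "; ".join(reasons))
```

Any filter or auto-reply it reports that you did not set yourself should be deleted or turned off in Settings, and the account password changed.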
If you’re technically proficient, you might want to look at Tech Republic’s article 10 ways to detect computer malware.