How your Yahoo! Mail account can be hacked with phishing – A real life example explained

Introduction

In this article, I am going to illustrate a real life scenario where an attempt to hack my email account was carried by fooling me into giving my user name / password through a fake website that looks like Yahoo! Mail.

Such attacks, where the victim is lured into entering information in what looks like an innocent website, are called “phishing attacks”. Wikipedia defines “phishing” as the following:

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication

In the subsequent sections I will show you how the attack is carried, how you can inspect such emails by yourself and then conclude by giving you some safety guidelines. Continue reading

How to steal facebook accounts?

Catchy title huh?

Well, I am going to tell you how to do that, but first let me explain to you about what we call “phishing” yeah with a”ph” and not an “f” as fishing the fish! 😛

Okay, as Wikipedia puts it:

“Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.”

In simple terms, it is to trick user into going to a fake website that looks like a genuine website, and have him/her submit hir* username/password to that fake website.

As a live example, the website: http://www.faceilbook.com is a phishing website where you are tricked to believe that this site is facebook. Now look closely:

1. That website is not facebook, it is f a c e i L b o o k . c o m
Notice the “i” and “L” introduced in the name. These are tricky characters that are not easily seen in the URL.
2. Notice the domain name WHOIS information of this website:

http://whois.domaintools.com/faceilbook.com

It the domain name was registered by a Chinese person.

3. Notice the source code of that fake website, it will redirect you to the profile:
http://www.facebook.com/profile.php?id=81014163 after you give away your username/password.

It looks like “Carl Cachia” is somehow involved in this scam.

My advise to you:

1. Never to click any URL or address you are given, even by the trusted ones, without making sure that the website looks okay or not (as I explained above). Your trusted friend might be infected by a virus which sends this fake website automatically.

2. Always doubt when you click on a URL and you suddenly find yourself being asked to enter your username and password

3. In case of doubt, enter a wrong username/password and see if the website reacts normally.

That’s all for now, hope you got informed!

Take care,
Elias