Home About Links Contact Info Blog / Articles

Articles

8/14/2012 - Hacked!

I get random spam emails.  Often.  Sometimes those emails are from family / friends.  They typically come in with some horribly spelled subject line, and a link inside the email that will go off to a far away land that will either attempt to sell you something, or infect your computer with a form of virus / spyware.

Now, this post is to help you identify how you are being 'hacked'.

First things first, you haven't been hacked.  Being hacked is a very difficult task, and requires an enormous amount of work by the said hacker / cracker.  "So what do you mean I wasn't hacked, how did they start sending emails from my account?".  Whoa, hold up just a moment, I'm getting to that.

First off, either you are getting 'phished', or you are being 'sniffed'.

Getting phished is typically when you receive an email with a link, you click it and you end up going to facebook.com and you have to login.  When you login, it is very possible that all you are doing is logging in to a dummy site.  If you check the domain name, you may notice there is nothing regarding facebook.com anywhere in that URL.  So, basically all that is happening, is the person that created the phishing email is just collecting hundreds of thousands of email address and passwords to go along with it.  Exciting right?

"What are these phishers going to do with my email address?"  Well, if you went to the phishing version of facebook, chances are this person is going to create posts on your behalf so that they can make money through advertising or sales by sharing stuff with all 1372 friends of yours on facebook.

If it were yahoo / gmail, etc, then they are going to send out emails from your behalf to a majority of the users in your address book.  They will then make money from advertising / sales that way.  It's a vicious circle.

Now, option number 2 is what I call sniffing.  Sniffing has been around for a VERY long time.  Whenever data is sent over the internet it is sent in little boxes known as packets.  When those boxes get to their final destination, they are put together and become a webpage or an email, or a  picture, etc.  Whatever it is, the data is being sent through open communication lines.  Now, with that idea, the data is open to vulnerabilities.  With the right tools, someone can read the data in those boxes and make some educated guesses on what's inside.  That is where the sniffing comes in.  A packet sniffer can read and decipher the stuff in those boxes, and with enough boxes, it can get some juicy data.

"Ok, so you're saying that my data isn't protected at all?  I'm never using the internet ever again!"  Hold up just a moment, most of the data that you view or send on the internet is relatively safe from being stolen.  UNLESS, you are on a wifi network at say a Starbucks or Burger King.  If you connect to a free wifi connection, and you login to a website to check your email or facebook, it's VERY possible that there is someone else on that same network looking for data going through that same connection.

In conclusion, be aware of phishing and sniffing and the internet will be a safer place for everyone.


Tags: phishing, sniffing, i have been hacked, hacked

jake@jakesiegel.com

Permanent Link to Hacked!

Archives:
August 2012
June 2012
April 2012
July 2011
February 2011
December 2009
November 2009