Thursday, November 28, 2019

Attacks Used to Hack Email Accounts and Their Preventive Measures Essay Example

The present-day network threat scenario is unprecedented in both scale and impact. Cyber criminals have become increasingly confident in their own abilities because of good organizational skills and years of experience in evading law enforcement. Armed with sophisticated technical knowledge, a whole range of tools and operating systems with exploits, their sole objective today is to cause irreparable damage to the security and business interests of organizations.

The biggest “brand name” among terrorist groups across the world, Al-Qaeda, the Islamic militant group “Tehrik-I-Taliban Pakistan” and many more terrorist organizations perform cyber terrorism, i.e., disruptive attacks against information systems, with the primary purpose of stealing confidential information regarding the nation's security issues and the secondary purpose of creating alarm and panic among the cyber army of the nation. This can include the use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically.

There is therefore a great need for each and every one of us to know the minimum preventive measures, so as to avoid exploitation by a hacker, who may use our computer as a shield to hide his identity. Our paper discusses the types of hackers and the main motives behind these people performing attacks in an attempt to compromise a computer system. It emphasizes the various methods by which passwords can be stolen and then used for personal purposes. A live demonstration of how an account (say, Facebook) can be hacked will be given using the phishing attack.
All the preventive measures that need to be taken to overcome these problems and stay safe from cyber-world attackers will be briefly explained, so as to make everyone technically strong and prevent their computers from being exploited… Let's build a stronger nation… JAI HIND…

Vamshi Krishna Gudipati, a.k.a. h4x0r le610n, 4th year B.Tech, Computer Science and Engineering, Warangal Institute of Technology and Science.

Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. The terms information security, computer security and information assurance are frequently used interchangeably. These fields are often interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms. Computer security can focus on ensuring the availability and correct operation of a computer system without concern for the information stored or processed by the computer.
Information assurance focuses on the reasons for assurance that information is protected, and is thus reasoning about information security.

Governments, military, corporations, hospitals, and private businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers.

WHAT IS HACKING

Unlike most computer crime / misuse areas, which are clear cut in terms of actions and legalities (e.g. software piracy), computer hacking is more difficult to define. Computer hacking always involves some degree of infringement on the privacy of others or damage to computer-based property such as files, web pages or software. The impact of computer hacking varies from being simply invasive and annoying to illegal. There is an aura of mystery that surrounds hacking, and a prestige that accompanies being part of a relatively elite group of individuals who possess technological savvy and are willing to take the risks required to become a true hacker. An interesting alternative view of how hackers positively impact areas such as software development and hacker ideology is presented in Technology and Pleasure: Considering Hacking Constructive.

WHO IS A HACKER

In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, or challenge. The subculture that has evolved around hackers is often referred to as the computer underground, but it is now an open community. While other uses of the word hacker exist that are not related to computer security, such as referring to someone with an advanced understanding of computers and computer networks, they are rarely used in mainstream context.
They are subject to the long-standing hacker definition controversy about the true meaning of the term hacker.

KINDS OF HACKERS

White Hat

A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term white hat in Internet slang refers to an ethical hacker. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. The EC-Council, also known as the International Council of Electronic Commerce Consultants, is one of those organizations that have developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.

Black Hat

A black hat hacker is a hacker who violates computer security for little reason beyond maliciousness or for personal gain (Moore, 2005). Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are the epitome of all that the public fears in a computer criminal. Black hat hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network. They choose their targets using a two-pronged process known as the pre-hacking stage.

Part 1: Targeting

The hacker determines what network to break into during this phase. The target may be of particular interest to the hacker, either politically or personally, or it may be picked at random. Next, they will port scan a network to determine if it is vulnerable to attacks, which is just testing all ports on a host machine for a response. Open ports (those that do respond) will allow a hacker to access the system.

Part 2: Research and Information Gathering

It is in this stage that the hacker will visit or contact the target in some way in hopes of finding out vital information that will help them access the system.
The main way that hackers get desired results from this stage is social engineering, which will be explained below. Aside from social engineering, hackers can also use a technique called dumpster diving. Dumpster diving is when a hacker literally searches through users' garbage in hopes of finding documents that have been thrown away, which may contain information a hacker can use, directly or indirectly, to help them gain access to a network.

Part 3: Finishing The Attack

This is the stage when the hacker will invade the preliminary target that he/she was planning to attack or steal from. Many hackers will be caught after this point, lured in or caught by data known as a honeypot (a trap set up by computer security personnel).

Grey Hat

A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.

Hacktivists

Some hacker activists are motivated by politics or religion, while others may wish to expose wrongdoing, or exact revenge, or simply harass their target for their own entertainment.

State Sponsored Hackers

Governments around the globe realize that it serves their military objectives to be well positioned online. The saying used to be, “He who controls the seas controls the world,” and then it was, “He who controls the air controls the world.” Now it's all about controlling cyberspace. State sponsored hackers have limitless time and funding to target civilians, corporations, and governments.

Spy Hackers

Corporations hire hackers to infiltrate the competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their client's goals and get paid.

Cyber Terrorists

These hackers, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures. Cyber terrorists are by far the most dangerous, with a wide range of skills and goals. Cyber terrorists' ultimate motivation is to spread fear and terror and to commit murder.

VARIOUS ATTACKS USED BY A HACKER

PHISHING

Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

A phishing technique was described in detail in 1987, and the first recorded use of the term phishing was made in 1996. The term is a variant of fishing, probably influenced by phreaking, and alludes to baits used in hopes that the potential victim will bite by clicking a malicious link or opening a malicious attachment, in which case their financial information and passwords may then be stolen.

KEY LOGGING

Software keyloggers are software programs designed to work on the target computer's operating system. From a technical perspective there are five categories:

* Hypervisor-based: The keylogger can theoretically reside in a malware hypervisor running underneath the operating system, which remains untouched.
It effectively becomes a virtual machine. Blue Pill is a conceptual example.
* Kernel-based: This method is difficult both to write and to combat. Such keyloggers reside at the kernel level and are thus difficult to detect, especially for user-mode applications. They are frequently implemented as rootkits that subvert the operating system kernel and gain unauthorized access to the hardware, making them very powerful. A keylogger using this method can act as a keyboard device driver, for example, and thus gain access to any information typed on the keyboard as it goes to the operating system.
* API-based: These keyloggers hook keyboard APIs; the operating system then notifies the keylogger each time a key is pressed and the keylogger simply records it. Windows APIs such as GetAsyncKeyState(), GetForegroundWindow(), etc. are used to poll the state of the keyboard or to subscribe to keyboard events. [1] These types of keyloggers are the easiest to write, but where constant polling of each key is required, they can cause a noticeable increase in CPU usage, and can also miss the occasional key. A more recent example simply polls the BIOS for pre-boot authentication PINs that have not been cleared from memory.
* Form grabbing based: Form grabbing-based keyloggers log web form submissions by recording the web browsing onsubmit event functions. This records form data before it is passed over the Internet and bypasses HTTPS encryption.
* Packet analyzers: This involves capturing network traffic associated with HTTP POST events to retrieve unencrypted passwords.

Remote access software keyloggers

These are local software keyloggers with an added feature that allows access to the locally recorded data from a remote location. Remote communication may be achieved using one of these methods:

* Data is uploaded to a website, database or an FTP server.
* Data is periodically emailed to a pre-defined email address.
* Data is wirelessly transmitted by means of an attached hardware system.
* The software enables a remote login to the local machine from the Internet or the local network, for data logs stored on the target machine to be accessed.

Related features

Software keyloggers may be augmented with features that capture user information without relying on keyboard key presses as the sole input. Some of these features include:

* Clipboard logging. Anything that has been copied to the clipboard can be captured by the program.
* Screen logging. Screenshots are taken in order to capture graphics-based information. Applications with screen logging abilities may take screenshots of the whole screen, just one application or even just around the mouse cursor. They may take these screenshots periodically or in response to user behaviours (for example, when a user has clicked the mouse). A practical application used by some keyloggers with this screen logging ability is to take small screenshots around where a mouse has just clicked; these defeat web-based keyboards (for example, the web-based screen keyboards that are often used by banks) and any web-based on-screen keyboard without screenshot protection.
* Programmatically capturing the text in a control. The Microsoft Windows API allows programs to request the text value in some controls. This means that some passwords may be captured, even if they are hidden behind password masks (usually asterisks).
* Recording of every program, folder and window opened, including a screenshot of each and every website visited.

REMOTE ADMINISTRATIVE TOOL (RAT)

A remote administration tool (a RAT) is a piece of software that allows a remote operator to control a system as if he had physical access to that system. While desktop sharing and remote administration have many legal uses, RAT software is usually associated with criminal or malicious activity.
Malicious RAT software is typically installed without the victim's knowledge, often as the payload of a Trojan horse, and will try to hide its operation from the victim and from security software. The operator controls the RAT through a network connection. Such tools provide an operator the following capabilities:

* Screen/camera capture or image control
* File management (download/upload/execute/etc.)
* Shell control (from command prompt)
* Computer control (power off/on/log off if remote feature is supported)
* Registry management (query/add/delete/modify)
* Other software product-specific functions

Its primary function is for one computer operator to gain access to remote PCs. One computer will run the client software application, while the other computer(s) operate as the host(s).

CLICK-JACKING

Clickjacking is possible because seemingly harmless features of HTML web pages can be employed to perform unexpected actions. A clickjacked page tricks a user into performing undesired actions by clicking on a concealed link. On a clickjacked page, the attackers load another page over it in a transparent layer. The users think that they are clicking visible buttons, while they are actually performing actions on the hidden page. The hidden page may be an authentic page, therefore the attackers can trick users into performing actions which the users never intended. There is no way of tracing such actions to the attackers later, as the users would have been genuinely authenticated on the hidden page.

Examples

A user might receive an email with a link to a video about a news item, but another valid page, say a product page on amazon.com, can be hidden on top of or underneath the PLAY button of the news video. The user tries to play the video but actually buys the product from Amazon. Other known exploits include:

* tricking users into enabling their webcam and microphone through Flash (which has since been corrected by Adobe);
* tricking users into making their social networking profile information public;
* making users follow someone on Twitter;
* making users share links on Facebook.

SPAMS

Email spam, also known as junk email or unsolicited bulk email (UBE), is a subset of electronic spam involving nearly identical messages sent to numerous recipients by email. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. One subset of UBE is UCE (unsolicited commercial email). The opposite of spam, email which one wants, is called ham, usually when referring to a message's automated analysis (such as Bayesian filtering). Email spam has steadily grown since the early 1990s. Botnets, networks of virus-infected computers, are used to send about 80% of spam. Since the expense of the spam is borne mostly by the recipient, it is effectively postage due advertising.

The legal status of spam varies from one jurisdiction to another. In the United States, spam was declared to be legal by the CAN-SPAM Act of 2003 provided the message adheres to certain specifications. ISPs have attempted to recover the cost of spam through lawsuits against spammers, although they have been mostly unsuccessful in collecting damages despite winning in court.
Spammers collect email addresses from chatrooms, websites, customer lists, newsgroups, and viruses which harvest users' address books, and these addresses are sold to other spammers. They also use a practice known as email appending or epending, in which they use known information about their target (such as a postal address) to search for the target's email address. According to the Message Anti-Abuse Working Group, the amount of spam email was between 88–92% of email messages sent in the first half of 2010.

PREVENTIVE MEASURES TO OVERCOME THE ATTACKS OF HACKERS

KEYLOGGERS

* Scan the file with “Dr. Web Link Checker” before downloading.
* Scan the file with an online multiple anti-virus engine, i.e., www.novirusthanks.org
* Use anti-keyloggers like Zemana, KeyScrambler, etc.

RATS

* Strictly follow the instructions of the anti-virus.
* Always use an updated anti-virus.
* Don't download any file from an anonymous website.

PHISHING

* Always type the complete URL of the intended webpage for login.
* Use an anti-virus which has a web browser integration facility to combat phishing, like Kaspersky, etc.
* Never log in through any link without verifying its authenticity.

SPAM

Some Facebook users were fooled into ‘verifying’ their account. Many Facebook walls were flooded with ‘verify your/my account’ spam messages and wall posts. My advice to all Facebook users: to get rid of FB spam, do not click the link. It is as simple as that. Clicking the link will just cause you to become one of the spam victims. It will automatically post the same spam messages on different Facebook walls.

CONCLUSION

* Data security is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled.
* The Internet is a scary place. Criminals have the ability to hide behind their computers, or even other people's computers, while they attempt to break into computers to steal personal information or to use it for their own purposes.
* So protect your data with a firewall, so that you are not an easy target for hackers and viruses in the future.
* When you leave your house, you lock your doors to prevent robbery; why not use a firewall to put a lock on your computer?

AUTHORS: G. Vamshi Krishna, a.k.a. h4x0r le610n, Computer Science & Engineering, 4th year B.Tech, Warangal Institute of Technology & Science.
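
The CLICK-JACKING section describes a genuine page being loaded in a transparent layer. The following is an added example, not part of the original essay, of how a site owner can check whether their own pages allow that: it classifies a response by its `Content-Security-Policy` `frame-ancestors` directive and `X-Frame-Options` header. The paths and the `partner.example` origin are constructed sample data.

```python
def framing_policy(headers):
    """Classify who may embed a response in a frame, from its headers."""
    h = {name.lower(): value for name, value in headers.items()}

    # CSP frame-ancestors takes precedence over X-Frame-Options when present.
    for directive in h.get("content-security-policy", "").split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            sources = [t.lower() for t in tokens[1:]]
            if not sources or sources == ["'none'"]:
                return "no-framing"
            if any(s in ("*", "http:", "https:") for s in sources):
                return "unprotected"          # any site may frame the page
            if sources == ["'self'"]:
                return "same-origin-only"
            return "allowlist"                # only the listed origins

    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return "no-framing"
    if xfo == "SAMEORIGIN":
        return "same-origin-only"
    # Header missing, or the obsolete ALLOW-FROM that current browsers ignore.
    return "unprotected"


# Constructed responses for state-changing pages of a hypothetical site.
SAMPLE_RESPONSES = {
    "/login": {"X-Frame-Options": "DENY"},
    "/settings/privacy": {
        "Content-Security-Policy": "default-src 'self'; frame-ancestors 'self'"
    },
    "/follow": {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
    "/buy": {"Content-Type": "text/html"},
    "/widget": {
        "Content-Security-Policy": "frame-ancestors https://partner.example",
        "X-Frame-Options": "DENY",
    },
}


def frameable_pages(responses=SAMPLE_RESPONSES):
    """Paths that any outside page could load in a hidden or transparent frame."""
    return sorted(path for path, hdrs in responses.items()
                  if framing_policy(hdrs) == "unprotected")


if __name__ == "__main__":
    for path, hdrs in SAMPLE_RESPONSES.items():
        print(f"{path:20} {framing_policy(hdrs)}")
    print("needs a framing policy:", frameable_pages())
```
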
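
The PHISHING measures above say never to log in through a link without verifying it. The following is an added example, not part of the original essay, of what that verification can look like in code: it inspects the real host of a link and reports why a link should be rejected. The trusted-domain set and all sample links are assumptions constructed for the example.

```python
from urllib.parse import urlsplit

# Assumption for this example: the domains the user really signs in on.
TRUSTED_LOGIN_DOMAINS = {"facebook.com"}


def check_login_link(url, trusted=TRUSTED_LOGIN_DOMAINS):
    """Return (ok, reasons) for a link that claims to lead to a login page."""
    reasons = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".").lower()

    if parts.scheme != "https":
        reasons.append("not HTTPS")
    if parts.username is not None:
        # In https://facebook.com@login.example/ the real host is login.example.
        reasons.append("text before '@' is not the host")
    if not host.isascii() or any(lab.startswith("xn--") for lab in host.split(".")):
        reasons.append("internationalised host name, possible look-alike letters")

    # Trusted means the host is the domain itself or a subdomain of it.
    on_trusted = any(host == d or host.endswith("." + d) for d in trusted)
    if not on_trusted:
        # A trusted name used as a prefix or substring is only a disguise.
        brands = sorted(d for d in trusted if d.split(".")[0] in host)
        if brands:
            reasons.append("imitates " + ", ".join(brands))
        reasons.append("host %r is not a trusted login domain" % host)
    return (not reasons, reasons)


# Constructed sample links; the .example names are reserved for documentation.
SAMPLE_LINKS = [
    "https://www.facebook.com/login.php",
    "http://www.facebook.com/login.php",
    "https://facebook.com@login.example/",
    "https://facebook.com.account-verify.example/login",
    "https://xn--constructed-label.example/login",
]


def report(links=SAMPLE_LINKS):
    """Map each link to its (ok, reasons) verdict."""
    return {link: check_login_link(link) for link in links}


if __name__ == "__main__":
    for link, (ok, reasons) in report().items():
        print("OK    " if ok else "REJECT", link, "; ".join(reasons))
```
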
