Ethical Hacking 简明教程

Ethical Hacking - Email Hijacking

Email Hijacking, or email hacking, is a widespread menace nowadays. It works by using the following three techniques which are email spoofing, social engineering tools, or inserting viruses in a user computer.

Email Spoofing

In email spoofing, the spammer sends emails from a known domain, so the receiver thinks that he knows this person and opens the mail. Such mails normally contain suspicious links, doubtful content, requests to transfer money, etc.

example

Social Engineering

Spammers send promotional mails to different users, offering huge discount and tricking them to fill their personal data. You have tools available in Kali that can drive you to hijack an email.

social engineering

Email hacking can also be done by phishing techniques. See the following screenshot.

phishing

The links in the email may install malware on the user’s system or redirect the user to a malicious website and trick them into divulging personal and financial information, such as passwords, account IDs or credit card details.

Phishing attacks are widely used by cybercriminals, as it is far easier to trick someone into clicking a malicious links in the email than trying to break through a computer’s defenses.

Inserting Viruses in a User System

The third technique by which a hacker can hijack your email account is by infecting your system with a virus or any other kind of malware. With the help of a virus, a hacker can take all your passwords.

How to detect if your email has been hijacked?

  1. The recipients of spam emails include a bunch of people you know.

  2. You try to access your account and the password no longer works.

  3. You try to access the “Forgot Password” link and it does not go to the expected email.

  4. Your Sent Items folder contains a bunch of spams you are not aware of sending.

Quick tips

In case you think that your email got hijacked, then you need to take the following actions −

  1. Change the passwords immediately.

  2. Notify your friends not to open links that they receive from your email account.

  3. 联系主管部门并报告您的帐户已被黑客入侵。

  4. 在计算机上安装一款好的杀毒软件并对其进行更新,

  5. 如果有支持,设置双重身份验证密码。