5- Phishing
Phishing is a common scam that attempts to lure you into giving up your username, password, or other sensitive information by using a replica of an original app/ login page/ Website.
This can be done to any device possible it is typcally spread by email.
The email may appear to come from ECSU or another company you do business with, and it often asks you to click a link, open an attachment, or reply with your account or personal information.
Social engineering isn't always simplest constrained to guessing passwords.
Full tutorial:
Phishing attacks are SCARY easy to do!! (let me show you!) // FREE Security+ // EP 2
How hackers create PHISHING sites!
Phishing tools:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
6- Password Reset
This method is pretty easy and must be combined with social engineering.
You need to have a physical access to the phone to simply request the victims account and request the following app for a password reset.
If you do not have phsyiscal access to the victims device you can simply request a new password with their account. The code will be sent to the person as an SMS.
It is possible to tell the person beforehand things like:
"My account needs a new number can i use yours?" or "I need to verify my account but my number does not work can i use yours?"
This method is also used to steal someone else’s Instagram account permanently.
Another Method is to ask the person a lot of personal questions like whats your mums name and dads name etc etc.
The kind of questions that you need to answer the security questions for.
Collect them all but let it seem like a normal conversation and thats how you do it!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Phishing is a common scam that attempts to lure you into giving up your username, password, or other sensitive information by using a replica of an original app/ login page/ Website.
This can be done to any device possible it is typcally spread by email.
The email may appear to come from ECSU or another company you do business with, and it often asks you to click a link, open an attachment, or reply with your account or personal information.
Social engineering isn't always simplest constrained to guessing passwords.
- You can use the method to force your victim to a click on a phishing web page which you have in particular created to gather passwords.
- You have to persuade the person to log of their account through your web page via social engineering.
- You can to lure them on your web page with the promise of free money/ free leaks or more shit like that.
Full tutorial:
Phishing attacks are SCARY easy to do!! (let me show you!) // FREE Security+ // EP 2
How hackers create PHISHING sites!
Phishing tools:
- Known tool
- Preloaded
- Man-in-the-middle attack
- Allows bypassing 2-factor authentication protection
- Acts as a proxy between a browser and phished website
- Designed for social engineering
- Multiple custom attack vectors
- Believable quick attack
- Wifi phishing
- Scans the victim stations for vulnerabilities
- Creates a fake wireless network that looks similar to a legitimate network
- Open-source phishing toolkit
- Dead-simple
- For Windows too
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
6- Password Reset
This method is pretty easy and must be combined with social engineering.
You need to have a physical access to the phone to simply request the victims account and request the following app for a password reset.
If you do not have phsyiscal access to the victims device you can simply request a new password with their account. The code will be sent to the person as an SMS.
It is possible to tell the person beforehand things like:
"My account needs a new number can i use yours?" or "I need to verify my account but my number does not work can i use yours?"
This method is also used to steal someone else’s Instagram account permanently.
Another Method is to ask the person a lot of personal questions like whats your mums name and dads name etc etc.
The kind of questions that you need to answer the security questions for.
Collect them all but let it seem like a normal conversation and thats how you do it!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~