Email Hacking -Heads up
Posted: Tue May 06, 2008 4:59 pm
Have noticed a few people on this forum have had their email account hacked recently and just want to give you heads up how to prevent anyone else being a victim.
About 3yrs ago, I actually witnessed an evil email hacking software at work and it's very shocking what it can do!! For a mere ?7 you can buy the software off an internet site. The software house who sell this software market it as a tool for parents to monitor their children's internet activities when the parent are not physically present with the children. It also claimed husband/wife can use it to track their partner's internet activities incase one of them is having cyber affair etc...The sofware company warns whoever buy the sofware to only install it on a computer they own, by law it's forbidden and a criminal offence to install it on a computer you do NOT OWN. So these companies sells this software legally in good faith but some evil or fraudulent individuals can also use this software maliciously to hack other peoples email account as it's begining to happen to members of this forum in the adult business.
What does this hacking sofware do and how does it work?
once the software is installed on a computer, it begins to monitor keyboard strokes and all applications running on your PC including MSN and Yahoo chat transcripts and sends the logs to remote computer owned by the company who sells the hacking software. The customer who bought the software can then log on to account created when he/she bought the sofware and read all logs and keyboard keystrokes transfered from the victim's computer, from there he can reboot the victims computer if he want. reading through the keystrokes logs he can pick up passwords to email accounts of the victim etc...
Will the victim know his internet activities is being monitored?
absolutely not, the monitoring software on the victim's computer work like a stealth and will remain undetected even by major antivirus software. The only way the victim will know he's being monitired or hacked is if the perpetrator start using the email account of the victim to send messages etc.. which will alert the victim.
How can the perpetrator install this sofware on your computer?
very simple, all he/she has to do is drag the executable file into a written microsoft word document and send it to the victim in email asking the victim to open and read. Surely you'd say to yourself word documents can never be harmful, now you have to think again. As soon as you open and read the work document, the piece of hacking code attached to it start to run and continues to run everytime you start your computer. All the perpetrator has to do is log on to his account area of the internet site that sold him/her the software to read all your keyboard keystroke logs and archive of your internet activities fully with date and time. From this time on the perpetrator can start monitoring your every internet activities including your msn and yahoo chat transcripts.
Is it possible to catch and trace the evil perpetrator?
Yes you can using the following steps
Once you suspected you have been hacked by a keylogger software
1) close down all applications you have running on your computer that you know might be trying to connect to the internet i.e msn chat, yahoo chats etc..
2)Open windows command window and run a simple windows command that will list all active computer connections currently on your PC, ths command will list Internet IP addresses of computers that have established connections with your computer.
3) You will probably see a couple of IP addresses that your computer is talking to in the list, but by closing down msn chat and yahoo chats etc.. you take these off the list, now the remaining connections is suspicious
4) Run this command 4 times at various times of the day, if one IP address connections always show up in the list, then this is the culprit monitoring your internet activities
5) take note of this IP address and run a GeoTrace on it, this will give you details of which ISP owns that IP address. Send the ISP an email complaining that you suspect someone hacked into your computer and you believe that IP address is being used to illegally send data from your computer. The ISP will respond by pointing you to the hacking software company which they have leased that IP address, now you're getting closer to catching the perpetrator
6) send a mail to the hacking sotware company using the details you received from their ISP and complain to them that you believe one of their client/customer has illegally installed keystrokes monitoring software on your PC which does not belong to them.
7) The will ask you for your computer IP address and they will run a check against all connection they have on their records and they will identify that Mr Joe Bloggs is running an account from their server which is monitoring your computer activities. Since Mr Joe Bloggs liely to buy the sofware from the software company using his credit card, the software company will have his full contact adress etc...
8) At this stage you might need police intervention for the software company to release their customer details. Depending on which country the perpetrator originates from, this could be a nightmare trying to get police action.
After my email has been hacked this way, will changing my email address help?
Absolutely not, the perpetrator knows the new password to your new email address as soon as you register it. The fact that he is not using your new email account yet doesn't mean he doesn't have it, hes is just lying low and just reading emails from your new email account rather than trying to alert you again by sending emails from your new email account and blowing his own whistle.
How can you get this of these monitoring/hacking code running on your computer?
Use any of the following methods
1) If you're using windows XP, you can rollback your computer to 6-8 months earlier i.e "set my computer back to state it was 6 months ago etc.." after you reboot, this nasty piece of code no longer in your hardrive to monitor your internet activities
2) format your hard drive and re-install windows
3) third option is very complicated and won't bother explaining it here
Once I've got rid of it, how can I make sure I never get it again?
Simple, after your computer is clean again, before you open any email attachments etc.. install Zone Alarm firewall software (about ?10 to buy, I think). Once Zone Alarm software is running. This firewall will alert you everytime your computer wants to talk to another computer over the internet, its very intelligent and make good guesses and won't bother you too much. However be extra vigilant if you try to open a word document or picture from email attachement and Zone alarm suddently pops up to tell you your computer wants to communicate with another on the internet and asking for your perssion weather to allow it, alarm bells should start ringing and click the box to say "always denied this sotware internet access permanently" now with the help of Zone Alarm, you have stopped yourself from being a victim once again.
Can you imagine if the perpetrator use this hacking sotware to get hold of your internet banking password? he/she will be laughing all the way to the bank. That is why some banks now include picking letters from your password from a drop down list with your mouse when loging into your internet banking account.
About 3yrs ago, I actually witnessed an evil email hacking software at work and it's very shocking what it can do!! For a mere ?7 you can buy the software off an internet site. The software house who sell this software market it as a tool for parents to monitor their children's internet activities when the parent are not physically present with the children. It also claimed husband/wife can use it to track their partner's internet activities incase one of them is having cyber affair etc...The sofware company warns whoever buy the sofware to only install it on a computer they own, by law it's forbidden and a criminal offence to install it on a computer you do NOT OWN. So these companies sells this software legally in good faith but some evil or fraudulent individuals can also use this software maliciously to hack other peoples email account as it's begining to happen to members of this forum in the adult business.
What does this hacking sofware do and how does it work?
once the software is installed on a computer, it begins to monitor keyboard strokes and all applications running on your PC including MSN and Yahoo chat transcripts and sends the logs to remote computer owned by the company who sells the hacking software. The customer who bought the software can then log on to account created when he/she bought the sofware and read all logs and keyboard keystrokes transfered from the victim's computer, from there he can reboot the victims computer if he want. reading through the keystrokes logs he can pick up passwords to email accounts of the victim etc...
Will the victim know his internet activities is being monitored?
absolutely not, the monitoring software on the victim's computer work like a stealth and will remain undetected even by major antivirus software. The only way the victim will know he's being monitired or hacked is if the perpetrator start using the email account of the victim to send messages etc.. which will alert the victim.
How can the perpetrator install this sofware on your computer?
very simple, all he/she has to do is drag the executable file into a written microsoft word document and send it to the victim in email asking the victim to open and read. Surely you'd say to yourself word documents can never be harmful, now you have to think again. As soon as you open and read the work document, the piece of hacking code attached to it start to run and continues to run everytime you start your computer. All the perpetrator has to do is log on to his account area of the internet site that sold him/her the software to read all your keyboard keystroke logs and archive of your internet activities fully with date and time. From this time on the perpetrator can start monitoring your every internet activities including your msn and yahoo chat transcripts.
Is it possible to catch and trace the evil perpetrator?
Yes you can using the following steps
Once you suspected you have been hacked by a keylogger software
1) close down all applications you have running on your computer that you know might be trying to connect to the internet i.e msn chat, yahoo chats etc..
2)Open windows command window and run a simple windows command that will list all active computer connections currently on your PC, ths command will list Internet IP addresses of computers that have established connections with your computer.
3) You will probably see a couple of IP addresses that your computer is talking to in the list, but by closing down msn chat and yahoo chats etc.. you take these off the list, now the remaining connections is suspicious
4) Run this command 4 times at various times of the day, if one IP address connections always show up in the list, then this is the culprit monitoring your internet activities
5) take note of this IP address and run a GeoTrace on it, this will give you details of which ISP owns that IP address. Send the ISP an email complaining that you suspect someone hacked into your computer and you believe that IP address is being used to illegally send data from your computer. The ISP will respond by pointing you to the hacking software company which they have leased that IP address, now you're getting closer to catching the perpetrator
6) send a mail to the hacking sotware company using the details you received from their ISP and complain to them that you believe one of their client/customer has illegally installed keystrokes monitoring software on your PC which does not belong to them.
7) The will ask you for your computer IP address and they will run a check against all connection they have on their records and they will identify that Mr Joe Bloggs is running an account from their server which is monitoring your computer activities. Since Mr Joe Bloggs liely to buy the sofware from the software company using his credit card, the software company will have his full contact adress etc...
8) At this stage you might need police intervention for the software company to release their customer details. Depending on which country the perpetrator originates from, this could be a nightmare trying to get police action.
After my email has been hacked this way, will changing my email address help?
Absolutely not, the perpetrator knows the new password to your new email address as soon as you register it. The fact that he is not using your new email account yet doesn't mean he doesn't have it, hes is just lying low and just reading emails from your new email account rather than trying to alert you again by sending emails from your new email account and blowing his own whistle.
How can you get this of these monitoring/hacking code running on your computer?
Use any of the following methods
1) If you're using windows XP, you can rollback your computer to 6-8 months earlier i.e "set my computer back to state it was 6 months ago etc.." after you reboot, this nasty piece of code no longer in your hardrive to monitor your internet activities
2) format your hard drive and re-install windows
3) third option is very complicated and won't bother explaining it here
Once I've got rid of it, how can I make sure I never get it again?
Simple, after your computer is clean again, before you open any email attachments etc.. install Zone Alarm firewall software (about ?10 to buy, I think). Once Zone Alarm software is running. This firewall will alert you everytime your computer wants to talk to another computer over the internet, its very intelligent and make good guesses and won't bother you too much. However be extra vigilant if you try to open a word document or picture from email attachement and Zone alarm suddently pops up to tell you your computer wants to communicate with another on the internet and asking for your perssion weather to allow it, alarm bells should start ringing and click the box to say "always denied this sotware internet access permanently" now with the help of Zone Alarm, you have stopped yourself from being a victim once again.
Can you imagine if the perpetrator use this hacking sotware to get hold of your internet banking password? he/she will be laughing all the way to the bank. That is why some banks now include picking letters from your password from a drop down list with your mouse when loging into your internet banking account.