Have you ever tried to learn stuff about hacking? if not then you don't love  your own blog. Yes it seems a bit weird but this is  a reality. While on a journey into the deep Amazon rain forest, unless you don't know the type and nature of poison a snake may possibly inject into your body, you can't have the targeted medicine kit with you. Or in other words the lock of your garage needs to be enough strong to defeat the most tricky thief of your locality.

secure your accounts from being hacked keep security strong


Unless you don't investigate the possible types of techniques the thief may use, you are not in a good position to manage for a suitable lock. Just a little carelessness about the security of your blog may put your online property, years of hard work and your strong presence and reputation on the web world at a total risk. Your hacked facebook account becomes a cause for continuous fear and stress.

This article is aimed at providing the necessary first aid knowledge about hackers, hacking and their different types. This article only covers basic hacking techniques and their remedies. Starting from the very beginning let's know who is a hacker? 

"A hacker is an expert computer/web programmer who is so expert that he can fully understand the working mechanism of any computer programme and can make possible changes in it in order to either force the programme to function the way he wants or to deceive it. Unless the expert programmer doesn't cross the legal limits, he is not a hacker. So in the language of computer world, a hacker is a person who uses un justified methods to break into other's privacy's, steals and destroys and promotes his personal or organizational motives. "

Motives behind hacking
Following are few of the motives a hacker usually hacks for.
  • To use already prepared grounds for promoting own business with little effort. 
  • To steal credits and digital content. 
  • To promote some political thought. 
  • To eliminate any business or political opponent. 
  • To get own rights. 
  • To protest against any injustice.
When we look back at the history of hacking, 95% of hacking carries un justified motives behind and only in rare cases people hack either to get their own rights or to force governments to listen to their demands as a type of protest. Whether for a good or a bad cause, hacking has not been justified by any international law making body.
 
Some hackers are not actually hackers
As i mentioned above that a hacker is always an expert computer programmer and knows much more about computer and web programming. But there are other people who either know very little or nothing at at all but are generally termed as hackers. These are people who use tools created by the actual hackers (programmers) and always try to get login ids and passwords. We will discuss it in detail.

Two Types of possible hacking attacks and how to avert them

-----------------------------------------------------------------------------------
                                            Phishing
-----------------------------------------------------------------------------------
Phishing is method of accessing or stealing personal data through spamming and deceptive methods. The back bone of phishing is masquerading a trustworthy site/organization, and deceive the victim through tricky electronic and digital ways. I will discuss the following important types of phishing in this article.
1. Keyloggers
The easiest and widely used method of getting login information of any target user is carried out through keyloggers. Keyloggers are small softwares which are installed both on hacker's and victim's computer. Modern keyloggers are fitted with the ability of remote installation. The programme can be installed on a victims computer anywhere in the world without his consent/knowledge.

avert account hacking through keyloggers
How a keylogger is installed remotely?
After installing the keylogger and managing it's settings on own computer, a type of exe file is created using the programme as bullet for the victim. This file can be given any name in order to force the victim to click it. For instance let's say it is named as "unbelievable jump", even modern attackers use names like " If you think this message doesn't belong to you, please don't click it or any other appealing message like that and sent to the inbox of the victim. Sometimes these messages represent trustworthy companies and organizations. As soon as the victim clicks the file, nothing happens for him but actually the programme starts installing behind the scene.

Possible Spam messages you may receive
  • A message to reconfigure your account settings from a trustworthy site.
  • Instant message having a link to the fack login.
  Once the programme is installed remotely, it starts recording all the keystrokes on the victim's computer and sends them to the offender after every specific interval of time as set by him. Some good quality keyloggers in addition to keystrokes also send screen shots to the attacker which facilitates him further. Depending upon the type of keylogger used, it may or may not be detected by your firewall and antivirus programme.

What if you fall victim to such an attack?
If any of your account is hacked through this method, things rest on the mercy of respected offender. You can't do anything to get your blog back. I have seen few guys appealing for help in forums after getting tired of complaints to google. Because once the attacker gets your login info he makes himself admin, gets all the rights and either pushes you to remain as an author or kicks you out from the scene. But every problem has a certain solution. If you are so unlucky and your account is hacked, what steps you need to take has been mentioned at the end of this article.


Avoid falling a victim to keylogger attacks
Keep following simple things in mind in order to completely avert any such attack.
  • Always enable your windows firewall and install a good antivirus programme.
  • Don't ignore things like updating your antivirus in time. Because good antivirus programmes like kspersky can detect most of the keylogger files as viruses.
  • When your antivirus detects something, give it some serious attention and never ever let it bypass.
  • Deal sensibly to the Spam messages in your email/facebook inbox. As i mentioned some keyloggers are so strong that they can bypass your security walls and easily reach your inbox, waiting for a kind click form you. Don't click Spam items blindly if you don't want to put yourself in trouble.
  • Keep on deleting your spam messages on daily bases.
  • If you ever feel that you have mistakenly click a spam file and it may be a keylogger file, unless you delete the programme use your virtual keyboard which requires mouse clicks for entries. Keyloggers only records keyboard keystrokes.
 2. Fake login Pages
Another phishing technique often used by spammers is by creating a fake login page which perfectly impersonates the legitimate site. Using some free hosting account spammers create exact copies of well known sites like Facebook and blogger etc. When someone follows such a link, he is asked to login with his let's say facebook account. The success rate of this technique is considered to be 80%. 
fack login pages and blog hack

Where you may find such links?
  • You may face such a link while on another site.
  • You may receive an instant message in your inbox with a link to the fake login page.  
Avoid  falling victim to fake login pages.
  • The best and final method of avoiding falling victim to such a trick is to read the link in the browser bar. It is impossible for any site to have the same domain name and links as of another site. 
  • You can also find see the link by hovering your mouse over the link before you click it.
  • Give special attention to the links which are inside your spam folder. 
Avoid all phising attacks

In addition to the tips given under kelogger and fake login pages sections, follow the following few more tips in order to completely defeat all phishing techniques.
  • If some one is selling products with fairly low prices than market, be cautious about that site.
  • Keep special attention to messages which tempts to any economical profit.
  • Use your credit card only on those site whose authenticity and legitimacy is 100% confirmed.
  • Earn online sites have already been in the black list. Don't believe in those who say you can be a millionaire for giving nothing.
  • Disconnect your Internet when not needed.
----------------------------------------------------------------------------------
                                                   Dictionary Attacks
----------------------------------------------------------------------------------
 Dictionary attacks are carried out through special programmes which compare thousands sometimes millions of words to a victims password. Once a word or phrase matches with the password, the system automatically stops matching more, and that's it the victims password is traced. These attacks sometimes take days in order to catch the password depending upon the complexity of password and the speed of the offenders system and equipment.

how to defeat dictionary attacks
How to defeat?
  • As dictionary attack is totally a matching of words from dictionary to the victim's password, using non dictionary words will surely defeat this attack.
  • Keep the length of your password longer.
  • Combine different words and avoid single word based passwords.
  • Use special character and digits within your password.
 What if your site is hacked
After keeping all the above mentioned things in place, if you are so unlucky that your blog/site is hacked, then the necessary measures you need to take are as follows.
  • Firstly watch the following video posted by google to help those whose sites have been hacked.

  •  Report from your webmaster tools.
  • Stop any further damage if you can do by yourself.
  • Hire an individual/a group of trusted experts to get back the site for you.
  • Contact your hoster and inform about it.
Was this helpful? Join bloggerdoctor on facebook or become a friend through google friend connect.
Pin It Now!

0 comments:

Post a Comment

Please be precise and clear! Do not comment anonymously!

 
Top