3 Plain Password Grabbing
This is another common method used to steal Gmail user’s password. Most people are unaware of these method but traditional hackers use this method to hack user accounts.
How Plain Password Grabbing works?
In this method, the Gmail hacker / attacker target a particular low quality website where the victim is a member and hack their database to get the stored plain username & password of victim. Here how could the hacker / attacker get access to Gmail? Many of us use the same password for Gmail and some poorxyz.com so its easy for a Gmail hacker to get your password through the low quality poorxyz.com.
In another scenario, the Gmail hacker / attacker creates a website in the intention of getting victim’s password. Whenever a user signup or register his account using email and create a password and those details will get stored in their db. So the Gmail hacker get your email and password. Common people who uses same email and password for these kind of low quality websites might end up getting their Gmail account hacked.
How can you protect yourself from Plain Password Grabbing?
You should never trust third party low quality websites, even popular websites like Linkedin passwords are getting hacked. So never and ever trust third party low quality websites. Most of the website developers are storing plain passwords in database without even thinking about encryption or security. This makes Gmail hackers job easy since the password is stored as plain text. Best way to prevent this method is to have a unique password at least for websites that you really trust. Don’t use your Gmail password for any other website/portal and that’s when your password will never get exposed.
4 Key Logger
Key logger is a software tool used to record keystrokes of a computer. This in turn records everything you type using your keyboard and store it for use.
Also read how to Unblock YouTube, Facebook and other websites easily
How Key Logging works?
All keyloggers run in background (except trail versions) and won’t be viewable to users until you know the keylogger password and shortcut used to view it. It will record all the keys pressed and give you a detailed report of when and what keys are used for what application – Simply a clean report to identify passwords. Anyone who is reading the keylogger logs might be able to see the Gmail password or any passwords typed and sensitive information like credit cards, bank username password etc. Whenever you login to a public computer, there are chances for you to get your password hacked.
In another scenario, your friend/colleague/neighbor could ask you to login using their computer as a help. If their intention is to get your password then you are most likely to get your FB account hacked.
How can you protect yourself from Key Logging?
You need not be afraid of key loggers when you use your personal computer since you are the only one who is going to access it. But whenever you use any public computer or any of your friend’s computer, you should not trust it.
I always suggest my friends to use On Screen Keyboard whenever they are in need to type a password, also please make sure nobody is checking your screen while you type your password since your screen would expose what you had typed. In windows, there is a inbuilt tool called On Screen Keyboard that helps us to select keys using mouse. You can open OSK by using Run dialog box. WinKey R opens Run dialog box, type osk and then press enter. Now a days many banking portals provide a screen keyboard in browser itself. So please make use of it whenever you are surfing in public computers.
5 Browser Extension Gmail Hacker
This method don’t let the Gmail hacker / attacker give complete access to your Gmail account but gives some power to control your account indirectly. I’ve seen multiple Google Chrome and Firefox addons which secretly perform actions like sharing a post in Google plus, following a Google page etc.
How Browser extension Gmail hacker works?
When you visit some malicious websites or webpages, you will be prompted to install a browser addon. Once you install the addon, it would perform all the tasks described by Gmail hacker or attacker who created it. Some primary actions are posting status updates in your Google wall, following a Google page, following a person, inviting your friends etc. You may not know these things happening in your Google account except when you check your Google Activities periodically.
How can you prevent browser extension Gmail hacker?
You can monitor your Gmail account activities using a feature called Google History. You should not trust any third party websites prompting you to add a browser extension. Install addons only if you trust the publisher. Why should you take risk if you don’t know the publisher or intention of the addon? Always stay from these malicious browser extensions.
6 Browser Vulnerabilities
Browser Vulnerabilities are security bugs which exists in older versions of mobile and desktop browsers.
How browser vulnerabilities works in hacking?
Most browser vulnerabilities are exploited through an older version of browser since all of the zero days are patched by browser vendor once it is reported by researchers around the world. For example, Browser Same Origin Policy Vulnerability could allow a hacker / attacker to read response of any Page like Gmail and could be able to perform any action in your Gmail account since they are able to read the response by accessing the Google.com origin. Android Chrome SOP bypass by Rafay Baloch is one such vulnerability that is affecting Android webview in Android < 4.4.
How can you prevent yourself from browser vulnerabilities?
You should always update your browser and operating system once there is an updated version available. Keeping an older version always have many risk factors involved.
7 Self XSS Scam
Self XSS also known as Self Cross Site Scripting. XSS is basically a web security vulnerability, it enables hackers to inject scripts to web pages used by other users. What is self XSS then? Self XSS is a kind of social engineering attack where a victim accidentally executes a script, thus exploiting it to the hacker.
How self XSS scam works?
In this method, hacker promises to help you hack somebody else’s Gmail account. Instead of giving you access to someone else’s account, the hacker tricks you into running malicious Javascript in your browser console that gives hacker the ability to manipulate your account.
How can you prevent yourself from self XSS?
Self XSS is something that you let hackers to hack your account Never and ever copy & paste code given by someone in your browser. Otherwise you will get your Gmail account hacked.
8 Trojan Horses
Trojan Horse is a malicious program which is used to spy and control a computer by misleading users of its true intent. Malware Trojan can also be called as Remote Key Loggersince it records key strokes of all the applications of our computer and send it to the hacker.
How Trojan Horse hacking works?
A software you think legit might be a trojan. A PDF you don’t suspect might contain a trojan. A avi media file you have might be a trojan. Trojan horses runs in the backgroud process, collect information and send it to hacker. Trojan horses can be sent in any form through any medium like pen drive, ipod, website or email. In our topic, Trojan records Gmail password that you have typed in your browser and send it to the Gmail hacker using Internet.
How can you prevent yourself from Trojan?
Don’t install programs from unknown source.
Don’t play media files received from unknown source.
Don’t open any kind of files downloaded from untrusted sources.
Don’t insert pen drive from any suspicious people.
Have an updated anti-virus software installed in your computer.
Having an updated anti-virus software do not guarantee you to stay safe from hacking. Basically an anti-virus software is a collection of detected malwares and viruses. Its job is to compare each and every file with their database of viruses. There are many softwares which enable us to create a undetectable trojans. But it is very unlikely to target a common man with undetectable trojanware. So having a updated antivirus program is some what protective.
9 Gmail Zero Day
Zero day is a security vulnerability that are unknown to the respective software vendor. In our context, Undiscovered Google vulnerabilities are called Gmail Zero Day.
]
This is another common method used to steal Gmail user’s password. Most people are unaware of these method but traditional hackers use this method to hack user accounts.
How Plain Password Grabbing works?
In this method, the Gmail hacker / attacker target a particular low quality website where the victim is a member and hack their database to get the stored plain username & password of victim. Here how could the hacker / attacker get access to Gmail? Many of us use the same password for Gmail and some poorxyz.com so its easy for a Gmail hacker to get your password through the low quality poorxyz.com.
In another scenario, the Gmail hacker / attacker creates a website in the intention of getting victim’s password. Whenever a user signup or register his account using email and create a password and those details will get stored in their db. So the Gmail hacker get your email and password. Common people who uses same email and password for these kind of low quality websites might end up getting their Gmail account hacked.
How can you protect yourself from Plain Password Grabbing?
You should never trust third party low quality websites, even popular websites like Linkedin passwords are getting hacked. So never and ever trust third party low quality websites. Most of the website developers are storing plain passwords in database without even thinking about encryption or security. This makes Gmail hackers job easy since the password is stored as plain text. Best way to prevent this method is to have a unique password at least for websites that you really trust. Don’t use your Gmail password for any other website/portal and that’s when your password will never get exposed.
4 Key Logger
Key logger is a software tool used to record keystrokes of a computer. This in turn records everything you type using your keyboard and store it for use.
Also read how to Unblock YouTube, Facebook and other websites easily
How Key Logging works?
All keyloggers run in background (except trail versions) and won’t be viewable to users until you know the keylogger password and shortcut used to view it. It will record all the keys pressed and give you a detailed report of when and what keys are used for what application – Simply a clean report to identify passwords. Anyone who is reading the keylogger logs might be able to see the Gmail password or any passwords typed and sensitive information like credit cards, bank username password etc. Whenever you login to a public computer, there are chances for you to get your password hacked.
In another scenario, your friend/colleague/neighbor could ask you to login using their computer as a help. If their intention is to get your password then you are most likely to get your FB account hacked.
How can you protect yourself from Key Logging?
You need not be afraid of key loggers when you use your personal computer since you are the only one who is going to access it. But whenever you use any public computer or any of your friend’s computer, you should not trust it.
I always suggest my friends to use On Screen Keyboard whenever they are in need to type a password, also please make sure nobody is checking your screen while you type your password since your screen would expose what you had typed. In windows, there is a inbuilt tool called On Screen Keyboard that helps us to select keys using mouse. You can open OSK by using Run dialog box. WinKey R opens Run dialog box, type osk and then press enter. Now a days many banking portals provide a screen keyboard in browser itself. So please make use of it whenever you are surfing in public computers.
5 Browser Extension Gmail Hacker
This method don’t let the Gmail hacker / attacker give complete access to your Gmail account but gives some power to control your account indirectly. I’ve seen multiple Google Chrome and Firefox addons which secretly perform actions like sharing a post in Google plus, following a Google page etc.
How Browser extension Gmail hacker works?
When you visit some malicious websites or webpages, you will be prompted to install a browser addon. Once you install the addon, it would perform all the tasks described by Gmail hacker or attacker who created it. Some primary actions are posting status updates in your Google wall, following a Google page, following a person, inviting your friends etc. You may not know these things happening in your Google account except when you check your Google Activities periodically.
How can you prevent browser extension Gmail hacker?
You can monitor your Gmail account activities using a feature called Google History. You should not trust any third party websites prompting you to add a browser extension. Install addons only if you trust the publisher. Why should you take risk if you don’t know the publisher or intention of the addon? Always stay from these malicious browser extensions.
6 Browser Vulnerabilities
Browser Vulnerabilities are security bugs which exists in older versions of mobile and desktop browsers.
How browser vulnerabilities works in hacking?
Most browser vulnerabilities are exploited through an older version of browser since all of the zero days are patched by browser vendor once it is reported by researchers around the world. For example, Browser Same Origin Policy Vulnerability could allow a hacker / attacker to read response of any Page like Gmail and could be able to perform any action in your Gmail account since they are able to read the response by accessing the Google.com origin. Android Chrome SOP bypass by Rafay Baloch is one such vulnerability that is affecting Android webview in Android < 4.4.
How can you prevent yourself from browser vulnerabilities?
You should always update your browser and operating system once there is an updated version available. Keeping an older version always have many risk factors involved.
7 Self XSS Scam
Self XSS also known as Self Cross Site Scripting. XSS is basically a web security vulnerability, it enables hackers to inject scripts to web pages used by other users. What is self XSS then? Self XSS is a kind of social engineering attack where a victim accidentally executes a script, thus exploiting it to the hacker.
How self XSS scam works?
In this method, hacker promises to help you hack somebody else’s Gmail account. Instead of giving you access to someone else’s account, the hacker tricks you into running malicious Javascript in your browser console that gives hacker the ability to manipulate your account.
How can you prevent yourself from self XSS?
Self XSS is something that you let hackers to hack your account Never and ever copy & paste code given by someone in your browser. Otherwise you will get your Gmail account hacked.
8 Trojan Horses
Trojan Horse is a malicious program which is used to spy and control a computer by misleading users of its true intent. Malware Trojan can also be called as Remote Key Loggersince it records key strokes of all the applications of our computer and send it to the hacker.
How Trojan Horse hacking works?
A software you think legit might be a trojan. A PDF you don’t suspect might contain a trojan. A avi media file you have might be a trojan. Trojan horses runs in the backgroud process, collect information and send it to hacker. Trojan horses can be sent in any form through any medium like pen drive, ipod, website or email. In our topic, Trojan records Gmail password that you have typed in your browser and send it to the Gmail hacker using Internet.
How can you prevent yourself from Trojan?
Don’t install programs from unknown source.
Don’t play media files received from unknown source.
Don’t open any kind of files downloaded from untrusted sources.
Don’t insert pen drive from any suspicious people.
Have an updated anti-virus software installed in your computer.
Having an updated anti-virus software do not guarantee you to stay safe from hacking. Basically an anti-virus software is a collection of detected malwares and viruses. Its job is to compare each and every file with their database of viruses. There are many softwares which enable us to create a undetectable trojans. But it is very unlikely to target a common man with undetectable trojanware. So having a updated antivirus program is some what protective.
9 Gmail Zero Day
Zero day is a security vulnerability that are unknown to the respective software vendor. In our context, Undiscovered Google vulnerabilities are called Gmail Zero Day.
]
