Ethical Hacking and
Countermeasures
Version 6
Module XIII
Hacking Email Accounts
News
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Source: http://uk.news.yahoo.com/
Module Objective
This module will familiarize you with:
• Ways of Getting Email Account Information
• Vulnerabilities
• Tools
• Security Techniques
• Creating Strong Passwords
Si
i S
l
•
gn- n ea
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Module Flow
Ways of Getting Email
Account Information
Security Techniques
Vulnerabilities
Creating Strong Passwords
Tools
Sign-in Seal
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Introduction
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Introduction
H ki
il
t h
b
i
th
t
ac ng ema accoun s as ecome a ser ous
rea
Email accounts are the repositories where people store their private
information or even their business data
Due to the widespread use of the Internet techniques and tools
hacker can access the user ID and email password
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Ways for Getting Email Account
Information
Stealing Cookies
Social Engineering
Password
Phishing
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Stealing Cookies
If a web site uses a cookie, or a browser contains the
cookie, then every time you visit that website, the
browser transfers the cookie to that website
If a user’s cookie is stolen by an attacker, he/she can
i
h
mpersonate t e user
If the data present in the cookies is not encrypted,
then after stealing the cookies an attacker can see the
information which may contain the username and the
password
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Social Engineering
Social engineering is defined as a “non technical kind of i