Hack Proof Your Life – Part I
It’s been a while and my mental blockade hasn’t faded away.. The last blog on how twitter has changed my life won me Rs.1200 worth planet M voucher.. Phew a reward when you are facing a blockade is good motivation. If that wasn’t enough, talking to Disha, who I met at the RCB fanatic fan challenge helped. There is so much to discuss, so many buffered memories, so many topics, so much to discuss! LVS, this discussion is going to be in parts but i don’t garuntee on the length of the post, I’ll know when it’s complete :).. How many parts? One? two? three? ten? I’m not sure.. Lets just get started.
The following is a conversation that i had with one of my friends two years back that I hope has thought him a lesson..
“Hey, I’m unable to login to my orkut account.” exclaimed my friend. “May be you are typing the wrong password, Check if caps lock is on.”.. “Nope, the password is correct.. I’m just unable to login, can u try?”..”Nope.. It should be the same here.. Did u try the forgot password link?”..”Umm, yes.. No email in my secondary email too..”..” May be you should try it after sometime..or may be your secondary account expired :D” That got my friend thinking as I got back to doing what I was doing., browse! 🙂
Fifteen minutes later, another common friend..”I’m unable to login too.. Somebody is playing with our accounts!”.. I log into my orkut account and visit their profiles just to ensure that there was no spam activity.. To my surprise (or not?) I have a comment in my scrapbook.. and there is a change in the profile picture! A picture of a DOG :D..
“Machi, I think my profile is hacked! How do i stop it.. how can i report this.. what to do?” These were tense moments! He creates a new orkut account and shares it with all his friends, warning them of spam from the old profile. He was really worked up now..
“Kunal, Did u do it?”.. “Err.. Why would i do it?”…”It’s definetly is someone from our group.. It’s the photo from the film cujo, the one that i was narrated last evening. Guys, stop playing now! Please!… ” and finally, I gave in!
Yes, It was me.. How and why would i do it? Why would I log on to my friend’s account and want to play it for so long? I wanted it to stop almost immediately, but i wanted my friends to find the lead to me.The dogs photo was a hint! They did figure it was me, but almost after he had given up. I was then labeled criminal minded &^%^&!
People locked their systems with me in 10 feet radius! They were scared, but really the reason why i did this was for them to understand how easy it was for me, and how they could have made my life difficult by locking their systems when they left 🙂 The next few hours I told them how it was all done and they appreciated. Some of them wanted me to share the software so they could spy on their siblings.. I didn’t, it was enough knowledge for them, plus this wasn’t completely virus free :).. So how did i do it? What did i use?
I watch this show on BBC Entertainment on how con men use different techniques to part people of their money, doing tricks that you wouldn’t know unless they happen to you. One episode was completely aimed at educating the viewers about internet based crimes. This hack however wasn’t a detailed step by step guide. I figured it out myselves. It was as easy, simple and free to be downloaded from the internet… Ah,so it’s a software? Right, You sure are getting intelligent by the day 😀
First: I download a free trial version of what is called a ‘Keylogger’. A key logger is a keystroke recording software that can be used to monitor activities on a computer.. and that is how i got the password! The trial version leaves a small icon in the tray, a different software of similar type gives the self conceal feature, once it is run there is simply no other way u can find the application. It is controlled by what is called a hot key, A password. Just press the keys on the keyboard and it magically appears.
Wow! That’s so cool!! Imagine having one on your system.. It’s hidden and it’s recording sensitive information dude! U think it’s cool..?
The free version only allows you to access the files on the victim’s machine. To help me, my friend’s computer was open to be used, he never locked it, some of us even don’t password protect it. The paid version of the same comes with facility to email the log as soon as the internet connection is activated. All this comes only for a small price! But hey, this software needs to be installed on the victim’s computer manually..
Ah.. thank god, so as long as i have my system password protected, if the hacker does not have my computer’s password I’m safe!
Wait, how many times u only open links that contain genuine information? Have u never clicked a malicious link? Hackers have developed worms that carry this software, automatically download them to your computer, install the software, start recording the data, send it to owner on email and also automatically spread to all your contacts exposing their information too.. All this even without a trace on your system!
Feeling scared? To protect yourselves, never click any links that you think are spoofed. Most browsers now also come with a phishing filter that blocks or sometimes even warns the user of malicious data. So ensure you have phishing filter turned on in your browser. You’ll also need install a good anti-virus and update it regularly. Turn on automatic updates, they will take care of themselves. DO NOT use browsing center computers to do bank transactions, U never know if there are any key logging software installed. Always lock your screen before you leave your place.
Are we safe now? No. you lock the front door and the hackers will find a backdoor. Even with the software secure, the hardware is still ready to be exploited. There are hardwired key loggers, These fit in between your keyboard pin and the pin into the CPU. This particular episode showed the con-men using a hardwired key logger which was installed by the cleaner into an employees PC.
To ensure that the employee logged into the banks website, the con men give her a call to login to the website to ensure that it wasn’t deactivated after some technical glitch that their servers experienced. She falls for the trap.. Every single keystroke recorded, and all the money swiped in one night!
Life teaches you lessons the hard way..! I carried out giving hints to my friends to finding me suspect to ensure they remembered every single thing for a long time. This also led them to sharing this with a few friends. They were educated. If that makes me the bad guy, I don’t mind being one. For people interested in learning more about con games, and how one can avoid being part of one, watch ‘The Real Hustle’ on BBC entertainment. The new season air’s Monday nights at 9.10 PM. For everyone else, it’s a wrap. More about how ATM distractions work, and how easy it is to steal one’s identity in the coming posts!