This article is the last episode of our series dedicated to e-mail and IM passwords recording techniques.

Our objective for presenting you with this material is an informative one – pointing out different techniques used for recording web mail and IM passwords together with their advantages and disadvantages. As most of them are probably illegal we do not recommend anyone to put them in practice – rather to protect themselves from such attacks or to use them in a legal manner.

In this article we will present the last two techniques:
- Brute-Force Attack
- Social Enginiring

Brute-Force Attack

Many people are searching for software able to perform a brute-force attack. This is totally impractical. It would take hundreds of thousands of years to attempt any kind of successful or at least a reasonable brute-force attack against AOL®, Yahoo® or Hotmail® and this period of time would expand exponentially if the password is longer than the minimum required length. Increasing the number of computers and multiple sessions may reduce this time to thousands of years.

This is highly illegal as these services own the servers on which an account is targeted. Even if you are attacking or hacking your own account, you don’t own the servers. It is unlikely that you will recover a password in this way, but it is highly possible that you’d be arrested and charged for doing this action.
 
 
Social Engineering

Social engineering is the name given to the technique of attacking the person, rather than the computer, server or system. The basic principle is that many people can tricked to give someone else their personal information: id and password if they think they can trust that person. For example, someone might call you saying he was from AOL and that he was finally getting to respond to your support question. He would then ask to describe the problem that you are facing and tell you that he has a solution.

However, he just needs to verify your account and asks you to give him the username and password again. You would be surprise how many people would fall for this pretty obvious scam. In most cases this scam would be very elaborate. The more information the caller provides the more realistic the call would be. Again, never provide your password to anyone. This is a basic principal – no customer service representative will ask for this information.
 
Both techniques are highly illegal and we do not recommend you.

A possible techniques – easy to use (nor requiring extensive technique knowledge) is using a KeyLogger software application. This technique is very effective in recovering your own password or lost information and also in case you want to find out a password or sensitive information. Please note that this technique is legal only if used on your own computer.  Installing a KeyLogger on someone else computer without their knowledge is illegal. In this respect we can recommend you All-Spy KeyLogger or to visit an independent source such as: www.keylogger.org

All these are the basic methods that we are aware for hacking an e-mail or IM account or any other dial-up or on-line password. We hope this information will answer some of your questions and help you better protect against such attacks.

You Should Also Check Out This Post:

More Active Posts: