How Facebook, bank and e-mail passwords are stolen. Tutorial: how to defend yourself.

The theft of the passwords to our most precious accounts is a phenomenon that is growing at a frightening rate. There are many ways to steal the passwords for Facebook, e-mail, the bank and the other sites we care about most, so let us look at the most commonly used methods in order to understand how to defend ourselves.
It is no accident that we put Facebook and e-mail passwords on the same level as those for internet banking or credit cards. We are used to carefully protecting access to our money, but we very often neglect the passwords for social networks such as Facebook and LinkedIn, or for e-mail. In fact, the theft of Facebook and e-mail passwords is a crime that is growing at a frightening rate. Why?

Through our social network and our e-mail, hackers can carry out real identity theft. With the information available in our profile or e-mail, whoever has stolen the password can build a duplicate of our identity and use it to commit crimes, online or otherwise, to make purchases and, in any case, to get us into trouble.
Let's look together, in a very simplified way, at the most effective techniques used to steal passwords, so that you can pay more attention and recognize fraud.
Let me be clear that this is not a guide on how to steal Facebook or e-mail passwords, but a very simplified guide to how credential theft works, meant to give helpful hints even to the less experienced and, above all, to avoid giving the more “expert” readers too much curiosity to explore a topic that could be highly risky!

We have the invaluable assistance of an expert in the security of information systems, who will be happy to answer your questions, both in the comments and in direct messages through our contact form.

 

Keylogging

This is the “simplest” and oldest method. It consists of stealing passwords by means of software installed on your PC or mobile device (especially Android) that does nothing but “record” everything you type on the keyboard. The most advanced keylogging software recognizes the site you are on and activates only when you access the sites of banks, credit cards, e-mail and social networks: in this way it records only the typing of your username and password. For example, when you are on the page https://www.facebook.com and you are not logged in, the software records the e-mail address and password as you type them and sends them to the author of the software (the so-called hacker), thus completing the theft of the password for your Facebook account, bank, e-mail and so on. (There are also physical keyloggers, devices that attach directly to the PC's PS/2 or USB ports, but they are rarely used.)

Trojan / Virus

Trojans are a particular type of virus that, in addition to stealing passwords, spread automatically and autonomously infect other computers or mobile devices, without the user ever knowing.

Trojans can heavily tamper with your computer or smartphone, especially by changing fundamental components of internet browsers (especially Internet Explorer versions prior to 9).
For example, they show additional fields in the pages where you normally enter your user code and password, or they replace, sometimes imperceptibly, the fields you normally fill in with very similar fields that send your password to the hacker.
They could, for example, make additional fields appear: in addition to the normal Facebook e-mail and password fields, you may be asked to enter the password again “for safety reasons”. The first password will be used to log in; the second password (typed by you) will be stolen and transmitted to the hacker.
Keyloggers and Trojans are therefore software whose existence you are not aware of and that is installed on your computer or smartphone without your noticing. They are usually hidden in small programs that you download from the internet or that someone you know sends you by e-mail (in fact the e-mail is fake, and your friend did not really send it).
Very often, keyloggers and Trojans are “disguised” as software that promises to protect your computer, to solve computer problems or even to steal other people's passwords (what goes around comes around...).

How to protect yourself: keyloggers and Trojans used to steal passwords are normally detected by a good antivirus, provided it is checked and updated daily and you regularly scan your PC. For added protection you can activate the built-in Windows firewall or a third-party one, which will warn you if a program tries to communicate with the outside (to transmit the password).

 

Phishing

Phishing is a type of internet fraud through which an attacker tries to deceive the victim into providing sensitive personal information.
You have certainly received e-mails from the post office or from banks other than your own, asking you in stilted Italian to perform some action: click a link in the e-mail to receive a prize, cancel a payment or get money.
The purpose of these e-mails, sent in bulk to millions of e-mail addresses collected on the network, is to “fish” out of the many recipients a few naive ones, perhaps customers of that bank or post office, who out of curiosity or worry do what the e-mail asks and click on the link.
The link usually leads to a clone of the website of the bank, the post office, Facebook or the e-mail service, where the victim is asked to enter their user code and password. Although it is a faithful reproduction of the original, the site is actually a phishing site that will steal the passwords and transmit them to the hacker behind the fraud.

How to protect yourself: precisely because of this type of fraud, social networks, banks and internet providers will never ask you to click on links within e-mails, so beware of these messages.
When you need to access a secure site, type the website address into the address bar of your browser, without even going through Google. To access Facebook, type facebook.com (http:// and www can be safely omitted); do not click on links within e-mail messages and do not use the various search bars.

You can verify that you are on the right site by carefully checking the address bar of your browser every time you log in. In the example below you can see a typical case of phishing. The site looks completely identical to Facebook, but the address bar shows that the site is fake and was created to steal Facebook passwords:
[Image: stealing passwords via phishing]
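The address-bar check described above can also be done mechanically. The following is an added example, not part of the original article: it decides whether a URL really belongs to the site you meant to visit. The function name and the sample addresses are constructed for illustration.

```python
from urllib.parse import urlsplit

def check_address(url, expected_domain):
    """Return (trusted, reason) for the address shown in the browser bar."""
    parts = urlsplit(url.strip())
    # .hostname is lower-cased and excludes any port and any "user@" prefix
    host = (parts.hostname or "").rstrip(".")
    expected = expected_domain.lower()
    if parts.scheme != "https":
        return False, "not an https page"
    if parts.username is not None:
        # Everything before '@' is a user name, not the site being visited
        return False, "text before '@' is not the site; real host is " + host
    # Trusted only if the host IS the domain or a true subdomain of it
    if host == expected or host.endswith("." + expected):
        return True, host + " belongs to " + expected
    if expected in host:
        return False, expected + " only appears inside " + host
    return False, host + " is not " + expected

# Constructed sample addresses (reserved example domains and a test IP).
SAMPLES = [
    "https://www.facebook.com/login",
    "https://facebook.com.account-check.example/login",
    "https://www.facebook.com@198.51.100.7/login",
    "https://notfacebook.com/login",
    "https://www.faceb00k.example/login",
    "http://www.facebook.com/login",
]

if __name__ == "__main__":
    for url in SAMPLES:
        trusted, reason = check_address(url, "facebook.com")
        print(("OK   " if trusted else "FAKE ") + url + "  ->  " + reason)
```

Only the first sample passes: in all the others the familiar name appears somewhere in the address, but the host that actually receives the password is a different one.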

 

Theft of passwords directly from your computer

Please note that there are also programs that let you reveal the passwords hidden behind “asterisks” or “dots”. Very often the browser “remembers” the password you type for your convenience: this makes it faster to access Facebook or your e-mail, but at the expense of safety. When these fields are filled in automatically, you are shown dots or asterisks to prevent anyone from seeing the password, but there are programs that let you read the hidden password. For example, read our article: “Find the Facebook password”

 

Password selection

In any case, our advice is to choose passwords that are at least 8 characters long and contain uppercase and lowercase letters, numbers and special characters (e.g. – _ + ; ( etc.). The ideal is to have a different password for each site (that way, if one password were stolen, the hackers would have access to only one system, not to all of them).

 

If you think your passwords have been stolen..

The first thing you should do, immediately, is change the password from a “secure” computer.
Then immediately report that your account has been compromised: all banking systems, for example, have a procedure to block compromised accounts, and Facebook also has a specific page to report that your account may have been hacked: https://www.facebook.com/hacked

 

For maximum safety..

Equip yourself with devices that give you “safe” credentials. This is “strong authentication”, i.e. systems that are alternative or additional to the normal password. These can be credentials sent via SMS to your mobile phone (vulnerable, however, if your smartphone is infected by a virus), free calls that must be made exclusively from your mobile phone to authorize risky operations, or “throwaway” password generators, better known as “Tokens” or “OTP”, available both in hardware versions (the famous “keys” or “key fobs” equipped with a display showing a code to enter on the site) and in software versions (applications installed on the PC or on your smartphone that generate codes very similar to those shown on a token).

Please note that both Facebook and Gmail let you use security code generators (Facebook: Code Generator; Gmail: 2-Step Verification).
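To show why a “throwaway” code is worth much less to a thief than a password, here is an added example (not part of the original article) of how a software token can compute its codes and how the site can check them. It assumes the standard time-based scheme TOTP (RFC 6238), which the article does not name; the secret is the RFC's published test key and the function names are illustrative.

```python
import hashlib
import hmac
import struct

def totp(secret, unix_time, step=30, digits=6):
    """Code shown by the token for the time step containing unix_time."""
    counter = unix_time // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret, submitted, unix_time, step=30, window=1, last_counter=-1):
    """Site side: return the matched time-step counter, or None if rejected.

    window tolerates small clock drift; last_counter is the counter of the
    last code accepted for this account, so a captured code cannot be reused.
    """
    if not (submitted.isascii() and submitted.isdigit()):
        return None
    now = unix_time // step
    for counter in range(now - window, now + window + 1):
        if counter <= last_counter:
            continue                             # already used: replay
        expected = totp(secret, counter * step, step, len(submitted))
        if hmac.compare_digest(expected, submitted):
            return counter
    return None

# RFC 6238 test secret (public test value, never use it for a real account).
SECRET = b"12345678901234567890"

if __name__ == "__main__":
    code = totp(SECRET, 59)
    print("code at t=59:", code)
    print("accepted now:", verify(SECRET, code, 59))
    print("replayed:", verify(SECRET, code, 59, last_counter=1))
    print("two minutes later:", verify(SECRET, code, 59 + 120))
```

A code captured by a keylogger or a phishing page is rejected once it has been used or once its time step has passed, which is the property the article refers to with “throwaway”.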