:D Well guys and girls, after reading the article if you give that a try, you are caught.. . You are just revealing your username and password for the person at forgotpasswordbot@hotmail.com... ( Well, I created that Id) The above is a social engineering trick played by me. There aint any bot called FORGOTPASSWORDBOT :lol: , It was just an email account I created to trick some real dump guys :P .. Hope that you are not the one among those..!!
If you ever saw some article saying about the Auto password reminders of Hotmail or these types, they are all useless. The people at Hotmail or Yahoo! are not fools to install such servers..!!. <_< Anyway, I will write something more about Social engineering tricks here, dont fall into any of these tricks....
1) To know some information about an user, the best way is to chat with that person... If the age of the victim is between 15-30, above 90% users will be using his/her lover or spouse's name as their password... :P Some others use their pet's name, their job title, their DOB, their place of living,Phone number etc.. as their password... You can gain such information during chat time. Below is an example of such tricks used by me during chat-time in an Indian room..!!
Me: hi
Victim: hi
Me: how r u?
Victim: fine. What abt u?
Me: Very fine
Me: Where r u 4m?
Victim: I am from Kashmir.
Me: I am also from Kashmir.
Me: where in Kashmir??
Victim: gr8
Victim: Srinagar
Me: Today is my birthday
Victim: Oh! Many many happy returns of the day
Me: Tnx
Me: What is your DOB?
Victim: DOB???????????
Me: Date of Birth
Victim: 22/2/1979
Me: Oh god! My girl friend's Bithday was also the same day.
Victim: I C
Me: Do you have any g friends?
Victim: ya. Neeta
Me: Ok.
Me: gtg now
Me: bye
From the above conversation we have got some information to crack his email account.. ( See, I am talking about dump guys, Dont tell me that you will never use your spouse's name as password or see, Just catch the point from me... I know that it is not at all easy to get the password from these kind of informations.. ).. Fine , now lets see what information have we collected.
From his screen name we can know his email address
The victim said that he is from Srinagar. I know the postal code of that place. Saying today is my birthday I got his date of birth, also I got his girl friend's name :lol:
Afterwards I went to the homepage of the mail service he is using and clicked "Forgot Password". In the next page it requested to give the date of birth and his postal code. Fortunately the service he is using doesnt ask any secret questions, it just shown up the current password. :D
I told you, this method may not work all the times... You have to quickly gather the information you want.
2) The second and one of the best ways is to design a fake login screen for the email account the victim is using... You can find a lot of services on the net providing the CGI send mail accounts for free... Using these scripts you can easily get the username and password of the user directly to your email account when ever an user logs in through those screens... :)
But for making him to logon through your screens you must use some social engineering tricks and send an email to him.
There may be many other methods to reach your target. These are the ones I know and I use and I have succeeded..
So, All I am telling you is the power of Social Engineering..!! Enjoy..!!
Manu B)
Thank you YORN for your contribution :D ... Unfortunately Tweakz20 made a little problem for me :lol:
:lol: I am glad that most of the posters here understood the trick.. I thank you guys..
I request you guys who fell into this ( I wonder, mail box is alomost full now :lol: with logins and passwords ) , change your Password .. I am not going to play with it, I assure you, but still it is better to change your passwords.. Dont fall into any kind of tricks next time...
now, the question i would like to know. did tweakz actually do this with you? cause he had no clue what i was talking about. lol.
:lol: :lol: :lol:
Oh Set_Coo, He had no clue about it.. Funny, if he knew, well, he would have posted something like "Damn, it is right, I got a few passwords" etc etc.. :lol: ..
I knew what was going on, but only because I'm the master at social engineering and have used this trick in the past. If you are going to do it, set up a website, created multiple identities and make it look totally legit. Manu kind of did this on the fly, but my post helped contribute. :)
I knew what was going on, but only because I'm the master at social engineering and have used this trick in the past. If you are going to do it, set up a website, created multiple identities and make it look totally legit. Manu kind of did this on the fly, but my post helped contribute. :)
"the master" ...... ok....... if anyone was THE master it would have to be kevin mitnick....
yeh i have used this for some time ago:p
But what sucks, atleas with hotmail, you have to change the password, and then the person u "hack" understand that he has been hacked and will change his email secret password to something harder.
Just for an test( i just did it), i typed in a mate of mines hotmail and pushed forgot password. Then you had to choose country,(and state if ur victem is in usa), and then his password was: Whats the name of my favorite pet?( something like that)
I just pm'ed him and told min that i got 2 new cats, and i was wondering about what i should call them( one male and one female).. then i ask what his favorite pets name was, tryed first the male one, dident work, then i tryed the female name he gave me, worked ;)
Ofcource i told him about this and gave him the password i changed to, i know that this person woulden be mad at me, thats why i choosed him:)
he wanna trick you :angry:
don't send any mail to this mail
this is a old way to hack mail
he said this way is most lame :D
yes his way is most lame :P
admins pls delete or edit this topic
he wanna trick you :angry:
don't send any mail to this mail
this is a old way to hack mail
he said this way is most lame :D
yes his way is most lame :P
admins pls delete or edit this topic
it reminded me when i encountered someone telling that he has an autobot to recover hotmail passwords... so someone else sent his email address and told the lame guy "ok here it is hack my address with it if you can"... but i don't guess that it still can fool people.
"The wisest one is the one who knows himself/herself." Quote of the life
belgther... aka... belgther
I don't believe this...
It's to damn easy..
From where did you know you have to send it to THAT specific e-mail adres?
And how did you figured out you need 3 blank lines etc...
Sign In
Register
Help
This topic is locked
MultiQuote
Posted 06 September 2004 - 05:17 AM
