webmail security

Discussion in 'other security issues & news' started by HURST, Mar 4, 2008.

Thread Status:
Not open for further replies.
  1. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Today at work, I accidentally overheard a co-workers phone conversation. He was telling somebody that he needed to hack someones hotmail account. He said he searched some forums and found some ways to send an email with a link, and if the receipent clicks that link, the account password would be sent to him. He said that it was easier to hack gmail or yahoo accounts, but that he finally find a way for hotmail and that he was testing it to see if it worked.

    Gladly I don't click links in my email, so I'm not to worried about this, but is such a method possible?
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    It's simply phishing. Send a link to the victim > the victim clicks the link > the victim enters his/her user ID/password, done.
     
  3. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Yeah, I thought so, but is there a way that doesn't require the victim to enter ID/password?
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    XSS could be an option.
     
  5. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Saw it working today, you were right...good old fashioned phishing
     
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Nothing high-tech, eh? :D
     
Loading...
Thread Status:
Not open for further replies.