Codelivly  

Home » Ethical hacking » Social Media Hacking – What Is Phishing?

ETHICAL HACKING

Social Media Hacking – What Is Phishing?

By Rocky ◆ November 22, 2022  No Comments  8 Mins Read

 Share     

Login into account in email envelope and fishing for private financial account information. Vector concept of phishing
scam, hacker attack and web security

Phishing is a type of social engineering attack in which hackers attempt to trick users into
giving them sensitive information, such as passwords or financial information. The name
phishing comes from the fact that these attacks are often conducted via email, and the
emails are usually designed to look like they’re coming from a trusted source, such as a bank
or a social media site. While phishing attacks can be conducted via other means of
communication, such as text message or instant message, email is by far the most common.

What is Phishing?
Phishing is a type of social engineering attack in which the attacker attempts to trick the
victim into disclosing sensitive information, such as login credentials or financial information.
The attacker may use various methods to achieve this, such as sending an email that appears
to be from a legitimate source, such as a bank or online retailer. The email will often contain a
link that directs the victim to a fake website that looks identical to the legitimate site. The
victim may then enter their login credentials on the fake site, which the attacker can then use
to gain access to their account. Phishing attacks can also occur through instant messages or
social media messages.

How does Phishing work?

When you receive a phishing email, it will look like it’s from a legitimate company or individual.
The email will usually include a link to a website that looks like the real thing. But when you
click on the link, you’re taken to a fake website that’s designed to steal your information.
Phishing emails often try to trick you into giving up your username and password, your credit
card number, or your Social Security number. They may also contain attachments that install
malicious software (malware) on your computer. This malware can give the attacker access to
your computer, and they can use it to steal sensitive information or commit other crimes.

What are the consequences of falling for a Phishing attack?

When you click on a phishing link, you may be taken to a fake website that looks real. The
fake website may ask you to enter personal information, such as your credit card number,
social security number, or bank account information. If you enter this information, it can be
used to steal your money or identity.
Phishing can also result in your computer becoming infected with malware. Malware is
software that can damage your computer or give attackers control over it. Once your
computer is infected, attackers may be able to access your personal information, send spam
email from your account, use your computer to attack other computers, or even take over
your webcam to spy on you.
In some cases, phishing attacks have led to large-scale data breaches. For example, in 2014,
the retail giant Target was the victim of a phishing attack that resulted in the theft of millions
of customers’ credit and debit card numbers. Phishing attacks can have serious
consequences for both individuals and businesses.

How to protect yourself from phishing attacks

Phishing is a type of social engineering attack in which the attacker attempts to trick the
victim into giving up sensitive information, such as passwords or financial information. The
attacker may use email, instant messages, or malicious websites to lure the victim into
clicking on a link or opening an attachment that will download malware onto their computer.
Once the victim’s computer is infected, the attacker can gain access to sensitive information
or use the victim’s machine to launch attacks against other computers.
There are several things you can do to protect yourself from phishing attacks:
– Be suspicious of unsolicited emails, even if they appear to be from a legitimate source. If an
email looks suspicious, don’t click on any links or open any attachments. Delete it
immediately.
– Don’t respond to emails that ask for personal or financial information. Legitimate companies
will never ask for this type of information via email.
– Be cautious of websites that are not secure (https://). These sites may be fake and created
by attackers in order to steal your personal information. Only enter your personal information
on secure websites.
– Keep your antivirus software up-to-date and scan your computer regularly for malware. This
will help to detect and remove any malware that may have been installed without your
knowledge.

What is Social Engineering?

Social engineering is the art of manipulating people so they give up confidential information.
The types of information these criminals are after can vary, but often includes passwords,
credit card numbers, or other sensitive data.
Criminals use social engineering techniques to take advantage of human psychology, rather
than relying on technical hacking skills alone. By understanding how people think and behave,
attackers can exploit vulnerabilities to get what they want.
Now, let’s talk about Phishing.
One common social engineering tactic is called phishing. This involves sending emails or
messages that appear to be from a legitimate company or organization, but are actually from
a fraudster. These messages typically include a sense of urgency or threaten some sort of
negative consequence if the recipient does not respond.
Phishing attacks can be difficult to spot, as the criminals go to great lengths to make their
messages look authentic. They may even spoof the email address or website of a real
company in order to trick victims into thinking the message is legitimate. It’s important to be
aware of these techniques and never provide personal information in response to an
unsolicited message.
It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an
email, instant message, or text message.
We will be using this technique called Phishing to learn about Social Media Hacking. So, let’s
keep the theory things aside, and dive into the practical and let the hacks begin ☠
Prerequisites
You will need Virtual Box downloaded in your machine
You will need Kali Linux installed in your Virtual Box so that you can use tons of tools that
are provided in Kali Linux for hackers.
Once you have Kali Linux installed in your system, we are ready to roll…
We will be using a Kali tool called Shellphish — Shellphish is one of the most amazing tools to
perform Phishing. Shellphish offers predefined 15+ templates of the majority of social media
and email providers.
So, let’s get started, it is pretty simple to work with once you have access to Kali Linux.

Step 1 – Installing ShellPhish

Downloading and installing shellphish is pretty simple. Just hit the below command in your
Kali Linux terminal,
 git clone
https://github.com/thelinuxchoice/shellphish.git

Step 2 – Giving Permission

Once you have downloaded and installed Shellphish, to use it, you will need permission to use
this.
Using the terminal, move to the folder where you installed this tool,

cd shellphish/

Next, you will need to use the command ‘ls’ that will list out all the directories in that folder.

ls

Step 3 – Running the tool

Once you have listed all the directories, you will need to run the file called,
shellphish.sh
This can be done in the following way,

./shellphish.sh
This will start the tool that will look something like below,
Linux Terminal
As you can see, there are 20+ options that you can use. So, let’s try and hack Instagram.

Step 4 – Launching the attack

We just need to type the number corresponding to the template. Let’s say we need to use
Instagram, so on the command line, we will hit command, 01
This will result in something like below,
Linux Terminal
As we can see, we have got a link, we need to send this link to the victim and trick them into
opening the link and entering the credentials. Here your Social Engg. skills come into action.
Once the victim opens the link, they will be able to see a page that will look exactly like the
Instagram login page, and this will earn their trust. Once they have entered the credentials,
HACKED! You will be able to see their username and password on your Kali Linux terminal.
The victim will be now redirected to the original Instagram page.
This is how Social Media Hacking works and this is what Phishing is… This is how most of the
time, people get tricked into giving up their own personal information. Thus one should
always be careful while opening the link and checking whether the site is legitimate or a
clone.
Let us know below in the comment if you have ever come across this hack. Help your friends
and family and be ethical. That’s it for this article. 😀

The Bottom Line

Phishing is a type of social engineering attack that tricks people into revealing sensitive
information, such as passwords or credit card numbers. Attackers typically create fake
websites or send fraudulent emails that appear to be from a trusted source, such as a bank or
social media site. When victims click on a link or open an attachment, they are taken to a fake
website or prompted to enter their personal information. Phishing attacks can be difficult to
detect, and even experienced users can fall victim to them. The best way to protect yourself
is to be aware of the signs of phishing and exercise caution when clicking on links or opening
attachments from unknown sources.

phishing

     

 PREVIOUS ARTICLE NEXT ARTICLE 

How To Create A Cookie Logger To Hack How to Become Network Security

Any Account Engineer

Rocky     

Rocky is a versatile author sharing in-depth tutorials on web development, AI, and ethical
hacking. Unlock new possibilities and expand your knowledge with Rocky's empowering
content.

Related Posts

CYBER SECURITY ETHICAL HACKING

So You Want to Be a Hacker: 2024 Edition Multiple Ways To Exploiting HTTP

May 8, 2024 Authentication
 March 30, 2024

ETHICAL HACKING

Bypassing Two-Factor Authentication

March 30, 2024

ADD A COMMENT

Search … SEARCH

Support Us

ABOUT US

This is the Codelivly blog. Here, you will find articles discussing various topics related to coding
and programming. Our goal is to provide helpful resources and advice for beginners and
experienced coders alike.

RECENT POSTS

So You Want to Be a Hacker: 2024 Edition

What is Active Directory? A Beginner’s Guide
Mastering Networking Fundamentals: A Comprehensive Guide for Hackers
Multiple Ways To Exploiting HTTP Authentication
Bypassing Two-Factor Authentication

IMPORTANT PAGE

About Us
Advertise With Us
Contact US
Privacy Policy
Refund Policy
Write For Us

     

© 2024 Codelivly. All Right Reserved