The document discusses account hijacking, which is when a hacker gains unauthorized access to someone's online account, such as email, social media, etc. It describes how hackers can hijack accounts by stealing login credentials or exploiting vulnerabilities. It provides tips for protecting accounts, such as using strong and unique passwords, changing passwords regularly, and being wary of phishing attempts that try to steal login information. If an account is hijacked, it advises immediately contacting friends to warn them, and the service provider to regain control of the account.
6. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Introduction
Online Accounts
Today all Internet users have some sort of account. Typically, people
have a Facebook account, a Twitter account, a GMail account, a yahoo!
mail account, etc.
Many people use their accounts for serious business so they want to
use their real name and a real photograph of themselves.
Unfortunately, people are not always careful and so people with no
good intention are taking advantage of this.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 3 / 8
7. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Introduction
Online Accounts
Today all Internet users have some sort of account. Typically, people
have a Facebook account, a Twitter account, a GMail account, a yahoo!
mail account, etc.
Many people use their accounts for serious business so they want to
use their real name and a real photograph of themselves.
Unfortunately, people are not always careful and so people with no
good intention are taking advantage of this.
But it is not always enough to be careful!
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 3 / 8
10. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Introduction
What is Account Hijacking?
To hijack means to steal by stopping a vehicle on the highway.
Account hijacking is a process through which an individual’s email
account, computer account or any other account associated with a
computing device or service is stolen or hijacked by a hacker.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 4 / 8
11. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Introduction
What is Account Hijacking?
To hijack means to steal by stopping a vehicle on the highway.
Account hijacking is a process through which an individual’s email
account, computer account or any other account associated with a
computing device or service is stolen or hijacked by a hacker.
Practically, Bob hacks Alice’s mail account and sends emails to people.
Bob may intend to defame Alice or to make profit.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 4 / 8
12. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Introduction
What is Account Hijacking?
To hijack means to steal by stopping a vehicle on the highway.
Account hijacking is a process through which an individual’s email
account, computer account or any other account associated with a
computing device or service is stolen or hijacked by a hacker.
Practically, Bob hacks Alice’s mail account and sends emails to people.
Bob may intend to defame Alice or to make profit.
People create fake social media accounts to spread rumors, lies, etc.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 4 / 8
13. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Introduction
What is Account Hijacking?
To hijack means to steal by stopping a vehicle on the highway.
Account hijacking is a process through which an individual’s email
account, computer account or any other account associated with a
computing device or service is stolen or hijacked by a hacker.
Practically, Bob hacks Alice’s mail account and sends emails to people.
Bob may intend to defame Alice or to make profit.
People create fake social media accounts to spread rumors, lies, etc.
To protect themselves, people create accounts with the word “real” in
the account name. For example, Donald J. Trump’s Twitter account is
@realDonaldTrump.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 4 / 8
14. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Introduction
What is Account Hijacking?
To hijack means to steal by stopping a vehicle on the highway.
Account hijacking is a process through which an individual’s email
account, computer account or any other account associated with a
computing device or service is stolen or hijacked by a hacker.
Practically, Bob hacks Alice’s mail account and sends emails to people.
Bob may intend to defame Alice or to make profit.
People create fake social media accounts to spread rumors, lies, etc.
To protect themselves, people create accounts with the word “real” in
the account name. For example, Donald J. Trump’s Twitter account is
@realDonaldTrump.
In most cases people are locked out of their account.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 4 / 8
16. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
What to do if are locked out of your account?
Immediately contact everyone you can, by phone or using an alternate
e-mail. A mutual friend who has many of the same contacts can also
help spread the word through a social site or their e-mail address book.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 5 / 8
17. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
What to do if are locked out of your account?
Immediately contact everyone you can, by phone or using an alternate
e-mail. A mutual friend who has many of the same contacts can also
help spread the word through a social site or their e-mail address book.
Next you have to work on getting control of your account again. Many
sites provide a facility to reset one’s password. Try it! If this does not
work, you will need to contact the company directly.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 5 / 8
18. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
What to do if are locked out of your account?
Immediately contact everyone you can, by phone or using an alternate
e-mail. A mutual friend who has many of the same contacts can also
help spread the word through a social site or their e-mail address book.
Next you have to work on getting control of your account again. Many
sites provide a facility to reset one’s password. Try it! If this does not
work, you will need to contact the company directly.
Contacting the company directly is not easy. However, you can do a
Google search on “[name of service] account hacked”, where name
of service is gmail, facebook, twitter, etc., to find a useful link.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 5 / 8
19. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
What to do if are locked out of your account?
Immediately contact everyone you can, by phone or using an alternate
e-mail. A mutual friend who has many of the same contacts can also
help spread the word through a social site or their e-mail address book.
Next you have to work on getting control of your account again. Many
sites provide a facility to reset one’s password. Try it! If this does not
work, you will need to contact the company directly.
Contacting the company directly is not easy. However, you can do a
Google search on “[name of service] account hacked”, where name
of service is gmail, facebook, twitter, etc., to find a useful link.
When you manage to use the facility to change your password, try to
find a really strong password. Use Google to find tools that generate
strong passwords and store this password somewhere.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 5 / 8
20. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
What to do if are locked out of your account?
Immediately contact everyone you can, by phone or using an alternate
e-mail. A mutual friend who has many of the same contacts can also
help spread the word through a social site or their e-mail address book.
Next you have to work on getting control of your account again. Many
sites provide a facility to reset one’s password. Try it! If this does not
work, you will need to contact the company directly.
Contacting the company directly is not easy. However, you can do a
Google search on “[name of service] account hacked”, where name
of service is gmail, facebook, twitter, etc., to find a useful link.
When you manage to use the facility to change your password, try to
find a really strong password. Use Google to find tools that generate
strong passwords and store this password somewhere.
Once everything is back to normal, try to understand how your
account was hijacked.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 5 / 8
23. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
What to do if you can still log in into your account?
Immediately CHANGE YOUR PASSWORD! For as long as they know
your password, they can do anything they want. Lock them out as
soon as possible.
Next you will let everyone know, but now you have to send an email to
all the people in your address book.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 6 / 8
24. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
What to do if you can still log in into your account?
Immediately CHANGE YOUR PASSWORD! For as long as they know
your password, they can do anything they want. Lock them out as
soon as possible.
Next you will let everyone know, but now you have to send an email to
all the people in your address book.
Once everything is back to normal, try to understand how your
account was hijacked.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 6 / 8
27. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
How to protect your accounts?
Periodically change your passwords. Always chose strong passwords.
Crackers usually use software to break your account. The stronger the
password, the more difficult it is to break it.
Always log in into your accounts from machines that you do trust.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 7 / 8
28. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
How to protect your accounts?
Periodically change your passwords. Always chose strong passwords.
Crackers usually use software to break your account. The stronger the
password, the more difficult it is to break it.
Always log in into your accounts from machines that you do trust.
Never let browsers remember your passwords on machines you do not
own or use exclusively.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 7 / 8
29. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
How to protect your accounts?
Periodically change your passwords. Always chose strong passwords.
Crackers usually use software to break your account. The stronger the
password, the more difficult it is to break it.
Always log in into your accounts from machines that you do trust.
Never let browsers remember your passwords on machines you do not
own or use exclusively.
Be wary of social media applications with which you are unfamiliar.
Some applications may be designed to steal account information or
distribute spam or malware.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 7 / 8
30. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
How to protect your accounts?
Periodically change your passwords. Always chose strong passwords.
Crackers usually use software to break your account. The stronger the
password, the more difficult it is to break it.
Always log in into your accounts from machines that you do trust.
Never let browsers remember your passwords on machines you do not
own or use exclusively.
Be wary of social media applications with which you are unfamiliar.
Some applications may be designed to steal account information or
distribute spam or malware.
From time to time google your name! This helps to discover fake
accounts, etc.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 7 / 8
31. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protection
How to protect your accounts?
Periodically change your passwords. Always chose strong passwords.
Crackers usually use software to break your account. The stronger the
password, the more difficult it is to break it.
Always log in into your accounts from machines that you do trust.
Never let browsers remember your passwords on machines you do not
own or use exclusively.
Be wary of social media applications with which you are unfamiliar.
Some applications may be designed to steal account information or
distribute spam or malware.
From time to time google your name! This helps to discover fake
accounts, etc.
Use google to find more about social media prevention of account
hijacking.
Georgiadou et al. (2GymXan) Account Hijacking 20/03/2017 7 / 8