Today we learn How to Get Someone’s Account Password through Phishing on the Same WiFi. What is Phishing you may ask? Well, simply put, phishing refers to any online fraudulent acts performed by individuals with an intention of acquiring personal information such as passwords and credit card information of unsuspecting individuals. This can be done in many ways, some even through emails sent straight to your inbox with a letterhead of a reputable company just to win your trust. Today, however, we will focus on phishing activities that can be done if the victim and the, let’s call him, Phisher, are connected to the same WiFi Network.
For this tech tip, we will play Dr. Evil. We aim to help out that sad brother to steal the password for his own plans. No matter what it is you want to do with this method, you need to be aware that it is not ethical to steal a password. But since we are here for you, welcome. This should also open your eyes so that you don’t fall victim to phishing. Let’s get straight into today’s trick.
Get Someone’s Account Password through Phishing
First of all, carrying out phishing is simple since all you will be needing is a simple application. While Google and Apple work hard to remove such apps from their respective application stores, you can get them off the market. Also, there are many Free Phishing apps that can be downloaded for the PC and Mac. No matter the device you will be using, the method will be the same.
Search for phishing apps for your specific device. A laptop or desktop will not need much permission to install the app. For android, you will need to allow for the installation of apps not from the Play Store. For the iPhone, you may have to root the device to allow for installation of apps not from the App Store. Install the app on your device and proceed as follows. Previous versions of Mozilla supported an extension known as firesheep which had the ability to hijack cookie sessions.
Go to the public wifi you need to steal the login information from. If you are targeting a specific person, make sure they are on the same wifi and actively using it. What you need to note is that the password you are going to steal is not the wifi password (it’s a public wifi remember) but one for a specific site like Facebook, skype or any other account that the victim is logged into.
Now open up the app or software downloaded above. Locate the name of the user on the wifi network. The app will give you a list of all the users on the network. Click on the user. A list of the logged in accounts will be displayed, the ball is in your court. Have fun responsibly. Read on to find out how Phishing makes it possible to steal someone’s Password.
How Phishing Captures Someone’s Password.
You may be asking yourself, how do phishing apps access someone’s password? Well, here is the physics behind it. When you log into any online account, the browser creates a cookie for every session and for the entire period you are browsing the site. This cookie ensures you remain logged in even if you refresh the page a thousand times. Phishing apps hijack these cookies and can create replica sessions on the phisher’s device. Some advanced phishing apps and software can read the cookie and actually display the password while others are only able to hijack the session and get you logged into the victim’s account without knowing their password.
Protect yourself from Phishing
Now that we know connecting to public WiFi makes us vulnerable, be worry of the accounts you log in while you are on a public WiFi. I did a tutorial on how to connect to Password protected Wifi for free on android, but in this regard too, mind what you are browsing after you connect freely to someone’s private WiFi. Some websites are safe as they are protected with SSL certificates and information shared on such websites cannot be stolen. Sites bearing the https:// in the address are safe. Be warned that phishing is illegal and this article is only for educational purposes.