Social Media Hacking - What is Phishing?

What if I told you, I am gonna teach you how to hack a Social Media account in this article?🤫 Trust me, we will learn Social Media Hacking today. But hey, first let’s look at the Agenda…

Agenda - Aim of this article is to make you aware of how this works in real life so that you prevent yourself and your friends from this hack. That means, this is for the educational purpose only, and be ethical😉

Before we start, Let’s look at what Hacking is.

What is Hacking?

Hacking refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to the system resources. Hackers are individuals with excellent computer skills, with the ability to create, explore, and exploit the computer’s software and hardware. The intention can be either to gain knowledge or to poke around to do illegal things.

What is Ethical Hacking?

It involves the use of hacking tools, tricks, and techniques to identify vulnerabilities so as to ensure system security. Ethical Hacker performs security assessments of their organization with the permission of concerned authorities.

That said, now let’s move ahead and let’s talk about Social Engineering.

What is Social Engineering?

Social engineering is the art of manipulating people so they give up confidential information.

The types of information these attackers are seeking can vary, but when individuals are targeted the attackers are usually trying to trick you into giving them your passwords or bank information, or access your computer to secretly install malicious software–that will give them access to your passwords and bank information as well as giving them control over your computer.

So, we can conclude that it is one of the most dangerous hacking attacks. Someone can just trick you to give your information and Boom!🎇

Now, let’s talk about Phishing.

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.

It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.

We will be using this technique called Phishing to learn about Social Media Hacking. So, let’s keep the theory things aside, and dive into the practical and let the hacks begin ☠

Prerequisites

• You will need Virtual Box downloaded in your machine
• You will need Kali Linux installed in your Virtual Box so that you can use tons of tools that are provided in Kali Linux for hackers.

Once you have Kali Linux installed in your system, we are ready to roll…

We will be using a Kali tool called Shellphish -- Shellphish is one of the most amazing tools to perform Phishing. Shellphish offers predefined 15+ templates of the majority of social media and email providers.

So, let’s get started, it is pretty simple to work with once you have access to Kali Linux.

Step 1 - Installing ShellPhish

Downloading and installing shellphish is pretty simple. Just hit the below command in your Kali Linux terminal,

git clone https://github.com/thelinuxchoice/shellphish.git

Step 2 - Giving Permission

Once you have downloaded and installed Shellphish, to use it, you will need permission to use this.

Using the terminal, move to the folder where you installed this tool,

                                
                                    cd shellphish/
                                
                            

Next, you will need to use the command ‘ls’ that will list out all the directories in that folder.

                                
                                    ls 
                                
                            

Step 3 - Running the tool

Once you have listed all the directories, you will need to run the file called,

shellphish.sh

This can be done in the following way,

                                
                                    ./shellphish.sh
                                
                            

This will start the tool that will look something like below,

As you can see, there are 20+ options that you can use. So, let's try and hack Instagram.

Step 4 - Launching the attack

We just need to type the number corresponding to the template. Let’s say we need to use Instagram, so on the command line, we will hit command,

01

This will result in something like below,

As we can see, we have got a link, we need to send this link to the victim and trick them into opening the link and entering the credentials. Here your Social Engg. skills come into action. Once the victim opens the link, they will be able to see a page that will look exactly like the Instagram login page, and this will earn their trust. Once they have entered the credentials, HACKED! You will be able to see their username and password on your Kali Linux terminal. The victim will be now redirected to the original Instagram page.

This is how Social Media Hacking works and this is what Phishing is… This is how most of the time, people get tricked into giving up their own personal information. Thus one should always be careful while opening the link and checking whether the site is legitimate or a clone.

Let us know below in the comment if you have ever come across this hack. Help your friends and family and be ethical. That's it for this article. 😀