In this section we will discuss the practicalities of identity theft. The steps that an attacker follows to perform online identity theft are:
Find the targets e-mail ID, for example,
<[email protected]>
. This we can easily get with the help of Google and some Google hacks, through Google harvesting (the method used to collect e-mail IDs), or through LinkedIn.Once we have the e-mail ID of the target, we need to know more about them. We can get this information from LinkedIn or Facebook using the e-mail searching options.
Once we get the e-mail ID, their interim details, and picture, we are ready to rock and roll.
After that we need to create a look-a-like e-mail ID for the target and create an online account using the same picture and all the details that we have found and start sending fake requests to their friends using reasons such as "I lost my old account", "someone hacked into my account", and other such similar stories.
The next method that we are going to discuss...