Name: reality, breaking a security system requires more intelligence

Name:  Iqrarafiq

F.Name:  rafiq ahmad Iqbal

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

no:  165903

no:  2016-GCUF-01007



Tutor:  Dr. Muhammad Sheraz Malik

Audit 1

Account Hack (Real Story)


What is

The Process of attempting to
gain or successfully gaining, unauthorized access to computer resources is
called Hacking


To better explain piracy, you must first
understand the hackers. You can easily guess that your computer is intelligent
and highly qualified. In reality, breaking a security system requires more
intelligence and expertise than creating a security system. There are no strict
rules for categorizing hackers into clean compartments. However, in the general
language of the computer we call them white hats, black hats and gray hats.
White hat professionals hack the control of their security systems to make it more
resistant to hacking. In most cases, they are part of the same organization.
Black hat hackers hack the personal control of the system for personal gain.
They can destroy, steal or even prevent authorized users from accessing the
system. They do this by finding faults and weaknesses in the system. Some
computer experts call them crackers instead of hackers. Hackers with gray hat
include curious people who have enough language skills to allow them to hack a
system to detect potential vulnerabilities in the network security system. The
gray hats differ from black hats because the first warn the system
administrator of the weaknesses discovered in the system, while the system only
looks for personal gains. All types of hacking are considered illegal and prohibit
the work done by white-hat hackers.

Who are

Hackers are people who try to get unauthorized access to
your computer. This is normally done through the use of a ‘backdoor’ program
installed on your machine. You can protect yourself from these by using a
firewall and a good updated antivirus program. Normally you get a backdoor
program by opening an email attachment containing the backdoor program. It is
normal for a backdoor program to send multiple copies of itself to everyone in
your address book, so it is possible that someone you know inadvertently sends
you a malicious program. Some backdoor programs can work with any e-mail
program by storing and looking at a connection to a mail server, rather than by
actually running from a specific mail program. These programs automatically
link to any e-mail you send, causing unintentional sending of malicious
programs to your friends and colleagues.

What is
Bank Account Hacking?

The process of accessing the bank account / stolen the bank
account and using the funds from that account without the owner’s permission is
known as bank account hacking.


hacker hack the account:

First of all I want to say that I meet
to a person that *Name: Atif Subhani* is a web developer and also running a
company **Capstone Tech** and he said that one day someone text him about the
job and said that I want to hire you in a job so for the job he need to
transfer some files to his computer that is very large in size and that cannot
be sent via email, skype or any other source and said to Atif that I want to
connect with your computer using TeamViewer to transfer file in your computer send
me your TeamViewer id and password and Atif send him his TeamViewer id and
password and using that info he had been connected to Atif’s computer and on
Atif’s computer he disable the window 10 defender and starting to transfer his
file in Atif’s computer so after transferring the file in Atif’s computer he
was saying that please login to your bank account and create an invoice and
send to him and he open the website to login without the permission of the Atif
and when Atif see that website then Atif disconnected him from his computer and
the text him that what is your job? And he said to Atif that now *he stolen the
login info of the Atif’s bank account (US Bank Account) * and after said that
he was laughing and after some hours he send a message to Atif and said that he
was just laughing and did not stole the Atif’s bank account login info so Atif
was very confused about hearing that news about the *US bank login info* and
then Atif contacted to customer support of the bank and asked to the bank support
about this issue and bank support said that just change the password of the
account and then account will be secured. So Atif change the password of the
bank account and he also restore his computer and then he was feeling that all
things are ok. After some days on *4-December-17* he sleep the almost 1 to 2 am
safely and he awake up on 5 to 6 am and Atif was seeing the time on his mobile
and he see the some security emails received that emails was contained these
info: *Change Password alert*, *Update profile alert* and also see *Transferred
cash alert* so after seeing that alerts Atif was very worried / confused and
then he try to login the bank account but he remain unsuccessful and then he  try to recover the password and he also see
that hacker also remove his email from the bank account. So Atif was very worry
to see this because hacker did the three things with Atif’s bank account: (1)
Hacker Change the password of the bank account (2) Hacker remove the email from
the bank account (3) Hacker transferred 419$ from Atif’s bank account to his
own bank account. Then Atif call to his senior to discuss this issue and senior
say that don’t contact to customer support with email, contact them with
directly on call so then first of all Atif login to his friend’s bank account
and talk with the bank customer support using live chat complain them about
this issue and the customer support verify Atif’s identity and then post a
complaint to the security department and then Atif call them in USA using phone
call and asked them about this and then the customer support of the bank ask to
the Atif that provide an alternative email  and also send a picture containing the ID card
in one hand and a card(containing bank name) in second hand. So Atif send them
a picture with required documents and the bank restrict the 419$ and 110$ other
amount that was coming in the account so after the one day Atif receive the
email from the customer support that said that account has been recovered in
new email that Atif was provided and also 110$ had been also recovered. So now
Atif was somehow happy that account and some money has been recovered but the
419$ still not recovered so now Atif started prayer about this issue and also
he contacted to every week and ask the bank to recover his cash that hacker had
been stolen but bank support said that this is heavy issue because in this
account issue and your fund issue has been happened so it will take 90 days so
wait for this. One day Atif receive an email from the hacker and he said that
*I was transferred funds from your account so now I have received red alert
from the bank* and the Atif asked that please provide my funds that you stole
and hacker said that yes I will refund to your bank and he also send the
whatsapp number to Atif on email but Atif did not call him because Atif was
worry about this so Atif also complaint to customer support and asked them
about the hacker email and support said that provide us that email screenshot
so Atif provide the screenshot of that email to customer support so this time
was very sad for Atif Subhani. So on 12-jan-2018 Atif see the account and see
that bank had been refund his funds (419$) that had been stolen to the Atif’s
bank account so then Atif was very happy on that time because Atif thought that
this funds will not be recovered but now think that this funds had been
recovered because Atif pray for that issue and also Atif’s relatives was also
prayed to recover that funds so Allah listen that prayer.

So now Atif Subhani thought: * If Allah say that this work will be done then no one (even
millions of people) can obstruct that work *  








Payment Proof:

Payment Proof:

 Identity verification Proof for account:

Hacking: Prevention


applications and all devices and “paired devices” (your security is
as strong as your weak link) as soon as updates are available. Updates not only
improve and improve the user experience with the application, but also improve
and constantly correct security weaknesses and weaknesses in the application.
If 3 car doors are locked but the 4th is not the safety rating of your car is
measured by the 4th door open!

Password Security

Keeping passwords secret is good but
making sure they are not accessible or revealed is better. The more secure
platforms today also require complex passwords for access (small, uppercase,
numbers and all-inclusive characters). Passwords are neither shared with anyone
(not even with IT administrators and so-called organizational representatives)
nor written. However, a culture should be developed to change them often.

Report the Hack

If you have not already done so,
contact your email provider and report the hack. This is important even if your
compromised email has not made you lose access as it helps providers keep track
of fraud-based behavior. In addition, your email provider may be able to
provide details on the origin or nature of the attack.

Consider Your ID Protection Options

If you’ve been hacked, another idea to consider is an ID
protection service. These services typically offer real-time email monitoring
and online retail account monitoring, as well as credit score and personal
assistance reporting in case of identity theft. There is often a significant
cost associated with this type of protection, so be sure to look for companies
with solid results; and make sure you use a legitimate service, not a hacker
scam in disguise looking for your personal information.

 Change Your Security Questions

Although your password is the most
likely attack path, it is also possible that hackers broke into your account
after answering your security questions. According to Google’s recent research,
many users choose the same answer to common security questions. For example,
nearly 20% of American users answered “pizza” to the question “What
is your favorite food?” To further protect your email, be sure to use
multi-factor authentication that many providers allow you to gain access to
your password, including the use of secondary email addresses or text messages,
since only the most security are not enough.




Run Your Antivirus Program

As noted by the
FTC Guide on compromised emails, the first thing you should do if your account
is hacked into an end-to-end antivirus scan. This means skipping the
“quick scan” setting in order to detect and delete not only all forms
of malware (including Trojans and spyware for key loggers that may have tracked
keystrokes even after hacking has been identified) and potentially unwanted applications.
Or commit credit card frauds can be sent to your account so they can send you
embarrassing messages to your friends. For example, hackers are sending money
by bank transfer. Once an email has been compromised, they are able to send
their unauthorized transfers. According to the FBI’s Internet Crime Complaint
Center, they have been networked and on-board IT staff. When it comes to email
accounts, you run an antivirus scan, the better. It is important to ensure that
you are clean before changing any cycle.

Two-step verification


2-step verification is a process that involves two authentication methods
performed one after another to verify that someone or something that requires
access is who or what is declared.

Two-step verification is sometimes confused with two-factor
authentication (2FA), which also includes two usually sequential methods used
for verification. However, unlike 2FA processes, methods in two-step
verification can belong to the same category of authentication factors and the
methods used for 2FA are not necessarily sequential.

Furthermore, verification and authentication are not completely
synonymous. Verification can be part of a real process, for example by
providing a driving license as proof of identity. Authentication is considered
an adaptation of verification processes designed to protect automated and
online systems.


Keep your password
protected. Write your password should be with a combination of characters,
digits, special symbols. Do not reply to fishing emails. When you are making an
online transaction, always keep an eye on the site if the site protocol is
https and if there is a lock symbol.