How I hacked your Facebook account via Shoemoney

If you’ve ever attended one of my OAS or association security sessions then you’re well aware of the dangers posed by public Wi-Fi networks. If I’ve said it once, I’ve said it a hundred times.

  • Know who you’re connecting to
  • Use SSL whenever accessing sensitive information
  • When possible use a VPN

If you’re a frequent traveler, the risk of this type of breach likely outweighs the expense of a cellular data plan.

This post from ShoeMoney does an excellent job of explaining just how easy it is to capture or access your personal information. Considering the ease in acquiring these tools and the documentation, one can imagine what a sophisticated hack may expose.

I know security is boring and nobody wants to invest time or money in it. Trust me: take some time to read the post, and you will think a little differently about “free” Internet access. If nothing else, you’ll know how to protect yourself from these specific account attacks.

Every time you are using a public wifi network, password protected or not, you are shouting to the world your username and password to every website you use that is unencrypted.

Right now, as I write this, I am sitting in the Denver airport. It’s pretty much dead right now. I can see maybe 100 people in the entire terminal.

I just fired up Firefox with the FireSheep extension. Within seconds I have access to various people’s Gmail, Facebook, Yahoo, Hotmail, Amazon, Hotmail, and virtually every possible service known to man.

Keep in mind FireSheep is just a Firefox plugin (Google it) that has been downloaded millions of times. This plugin is totally passive network monitoring at its easiest. It’s been pre-programmed to sniff for certain usernames or passwords for pre-defined sites.

There are TONS of tools that will show you a lot more stuff.

Please continue reading Jeremy Schoemaker’s original post How I hacked your Facebook account on Shoemoney for the complete details with screenshots.

Have you or someone you’ve known been the victim of a public Wi-Fi attack? If so let us know where it happened and what the impact was.


2 Responses

  1. Reblogged this on Things to encode.

  2. […] keeps prying eyes out of your business and protects you from simple hacks like the one I posted last week. Turn this on and keep it […]
