1. Credit Card Frauds

For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for which the billing address is associated with New York. Most credit card merchants use Geo-location to block orders from countries like Nigeria and other high risk countries. So in order to bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it appears to have come from New York. The IP address location appears to be legitimate since it is in the same city as the billing address. A proxy check would be needed to flag this order.

2. Bypass Website Country Restrictions

Some website services are restricted to users form only a selected list of countries. For example, a paid survey may be restricted only to countries like United States and Canada. So a user from say China may use a proxy so as to make his IP appear to have come from U.S. so that he can earn from participating in the paid survey.

Proxy Detection Services

So in order to stop such online frauds, Proxy Detection has become a critical component. Today most companies, credit card merchants and websites that deal with e-commerce transactions make use of Proxy Detection Services like MaxMind and FraudLabs to detect the usage of proxy or spoofed IP from users participating online.

Proxy Detection web services allow instant detection of anonymous IP addresses. Even though the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs like AOL and MSN are forms of proxies and are used by both good and bad consumers.

How Proxy Detection Works?

Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy. Merchants can obtain the IP address of the users from the HTTP header on the order that comes into their website. This IP address is sent to the proxy detecting service in real time to confirm it’s authenticity.

The proxy detection services on the other hand compare this IP against a known list of flagged IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These proxy detection services work continuously to grab a list or range of IPs that are commonly used for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or spoofed IP.

How to Tell Whether a given IP is Real or a Proxy?

There are a few free sites that help you determine whether or not a given IP is a proxy. You can use free services like WhatisMyIPAddress to detect proxy IPs. Just enter the suspected IP in the field and click on “Lookup IP Address” button to check the IP address. If it is a suspected proxy then you will see the results something as follows.

So for all those who think that they can escape by using a spoofed IP, this post is the answer. I hope this information helps. Pass your comments.

Every router comes with a username and password using which it is possible to gain access to the router settings and configure the device. The vulnerability actually lies in the Default username and password that comes with the factory settings. Usually the routers come preconfigured from the Internet Service provider and hence the users do not bother to change the password later. This makes it possible for the attackers to gain unauthorized access and modify the router settings using a common set of default usernames and passwords. Here is how you can do it.

Before you proceed, you need the following tool in the process

Angry IP Scanner

Here is a detailed information on how to exploit the vulnerability of an ADSL router.

Step-1: Go to www.whatismyipaddress.com. Once the page is loaded you will find your IP address. Note it down.

Step-2: Open Angry IP Scanner, here you will see an option called IP Range: where you need to enter the range of IP address to scan for.

Step-3: Go to Tools->Preferences and select the Ports tab. Under Port selection enter 80 (we need to scan for port 80). Now switch to the Display tab, select the option “Hosts with open ports only” and click on OK.

Step-4: Now click on Start. After a few minutes, the IP scanner will show a list of IPs with Port 80 open as shown in the below image.

Step-5: Now copy any of the IP from the list, paste it in your browser’s address bar and hit enter. A window will popup asking for username and password. Since most users do not change the passwords, it should most likely work with the default username and password. For most routers the default username-password pair will be admin-admin or admin-password.

Just enter the username-password as specified above and hit enter. If you are lucky you should gain access to the router settings page where you can modify any of the router settings. The settings page can vary from router to router. A sample router settings page is shown below.

If you do not succeed to gain access, select another IP from the list and repeat the step-5. Atleast 1 out of 5 IPs will have a default password and hence you will surely be able to gain access.

What can an Attacker do by Gaining Access to the Router Settings?

By gaining access to the router settings, it is possible for an attacker to modify any of the router settings which results in the malfunction of the router. As a result the target user’s computer will be disconnected from the Internet. In the worst case the attacker can copy the ISP login details from the router to steal the Internet connection or play any kind of prank with the router settings. So the victim has to reconfigure the router in order to bring it back to action.

The Verdict:

If you are using an ADSL router to connect to the Internet, it is highly recommended that you immediately change your password to prevent any such attacks in the future. Who knows, you may be the next victim of such an attack. 

Since the configuration varies from router to router, you need to contact your ISP for details on how to change the password for your model.

Ever wondered how to alter the Windows Product ID?

It is possible to alter the Windows Product ID and change it to what ever you like. For example, you can change the Product ID and put your nickname in place of the formal Product ID displayed by the Operating System. This hack is too easy and can be done within minutes. The screenshot showing the altered Product ID is given below

Win 7 PC showing Original PID

Windows 7 PC showing Altered PID

As you can see from the above screenshot it is simple and easy to make your Windows display what ever you want in the place of the real Product ID. Here is a step-by-step procedure to alter your Windows Product ID.

1. Goto Start->Run and type the following in the Run dialog box

2. After you open the Registry Editor, navigate to the following key

3. On the right hand side, you can see an entry by name ProductID listed under the heading Name.

4. Double-Click on ProductID, a dialog box will pop-up showing your Windows PID. Now you can delete the original PID and enter anything of your choice.

5. Once you are done, just click on OK and close the Registry Editor. Now you can see the altered Product ID in the Windows Properties window.

I hope you like this trick. Pass your comments. Cheers!

1. Open a notepad (New Text Document.TXT) and copy the following code exactly onto it, and save the notepad.

EICAR Test code
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

2. Rename the file from New Text Document.TXT to myfile.com

3. Now run the antivirus scan on this myfile.com file.

If the antivirus is functioning properly on your computer, then it should generate a warning and immediately delete the file upon scanning. Otherwise you may have to re-install your antivirus.

You can also place the myfile.com file in a ZIP or RAR file and run a scan on it so as to ensure whether your antivirus can detect the test string in the compressed archive. Any antivirus when scanning this file will respond exactly as it will do for a genuine virus/malicious code. This test will cause no damage to your computer even though the antivirus will flag it as a malicious script. Hence it is the safest method to test the proper functioning of any antivirus.

Have you ever wondered how to perform Caller ID spoofing? Read on to know more information on Caller ID spoofing and find out how it is performed.

Unlike what most people think, an incoming call may not be from the number that is displayed on the Caller ID display unit. Because of the high trust that the people have in the Caller ID system, it is possible for the caller to easily fool them and make them believe that the number displayed on the Caller ID display is real. This is all possible through Caller ID spoofing.

How to Spoof Caller ID?

You can easily spoof any Caller ID using services like SpoofCard. In order to use the spoofcard service, you need to pay in advance and obtain a PIN (Personal Identification Number) which grants access to make a call using the Caller ID spoofing service. Once you have purchased the service, you will be given access to login to your SpoofCard account. To begin with, you need to call the number given by SpoofCard and enter the PIN. Now you will be given access to enter the number you wish to call and the number you wish to appear as the Caller ID. Once you select the options and initiate the calling process, the call is bridged and the person on the other end receives your call. The receiver would normally assume that the call was coming from a different phone number ie: the spoofed number chosen by you - thus tricking the receiver into thinking that the call was coming from a different individual or organization than the caller’s. In this way it is just a cakewalk to spoof Caller ID and trick the receiver on the other end. Thus you neither need to be a computer expert nor have any technical knowledge to perform Caller ID spoofing. For more information on SpoofCard service visit the following link.

How Caller ID Spoofing works?

Caller ID spoofing is done through various methods and using different technologies. The most commonly used technologies to spoof Caller ID is VOIP (Voice Over IP) and PRI (Primary Rate Interface) lines.

Today most VOIP systems provide an option for it’s users to enter whatever number they want in the calling party field and this number is sent out when they make a call. Hence it is easily possible for any user to spoof Caller ID provided they have a VOIP system and know how to properly configure it to spoof the Caller ID. However sites like SpoofCard provide an easy and cheap spoofing services for those who aren’t using VOIP systems that they can configure themselves.

Caller ID spoofing is possible and being performed right from the days Called ID system was introduced. However most people are unaware of the fact that it is possible to spoof  Caller ID and make any number to be displayed on the receiver’s end. In the past, Caller ID spoofing service was mostly used by telemarketers, collection agencies, law-enforcement officials, and private investigators but today it is available to any Internet user who wish to perform Caller ID spoofing.

Have you accidentally deleted your files from the Hard disk? Do you desperately want to recover them back? Well you need not panic! It is possible to recover the deleted files back from the hard disk  (even after you have Shift+Deleted)  provided you act as soon as you realize that the files are deleted and use the best deleted files recovery software. In this post you will find a detailed information on how to recover the deleted files from your Windows PC or Mac.

Today there exists hundreds of data recovery tools and softwares on the market which boast to recover 100% of all the deleted files back in the original condition. But in reality most of these softwares are neither effective nor capable of recovering your files back. So it is very much necessary to make the right choice of the file recovery software in order to recover deleted files back in the original condition. We recommend the following softwares to recover the deleted files

1. Stellar Phoenix Data Recovery (for Windows)

2. Stellar Phoenix Mac Data Recovery (for Mac)

Stellar Phoenix is one of the best company specializing in deleted files recovery services and solutions since 1993. Stellar’s Data Recovery Solutions encompasses a wide range of software for almost any data loss situation ranging from accidental formats to virus attacks to software malfunctions. Hence Stellar provides the best tools to recover deleted files with over 1,000,000 satisfied customers across 137 countries.

How the File Deletion Process Works?

When you delete a file from your computer (or even from the recycle bin) the file is not actually deleted. Unlike what most people think, the file is not permanantly deleted or dropped from your hard disk. Let’s take an example of a book containing 50 pages. Suppose when you delete the page 25, assume that only the entry in the index which points to the page 25 is deleted and not actually the page 25 itself. Likewise when you delete a file from your hard disk, only the pointer which points to this file is removed and not actually the file itself. This file still exists intact and is 100% possible to recover it back in the original condition. In this condition the file becomes invisible and hence appears to have deleted.

What are the Chances of Recovering my Files Back?

Since the operating system doesn’t immediately re-use the space from the deleted files, it is most certainly possible to recover the deleted files back in 100% original condition. It may take up a very long time for those files to be completely deleted since the modern hard disks have ample capacity. Hence the chances are too less that the space from the deleted files are re-used immediately. So, it is really worth to try out the file recovery softwares like Stellar Data Recovery for Windows or Stellar Data Recover for Mac. Some files are reported to have recovered even after years of it’s deletion. However for the best results, it is recommended that you use the file recovery software as immediately as possible to recover your files.

Recovering the Deleted Files

In order to recover the deleted files all you need to do is perform a scan (search) for the deleted files using a File Recovery Software. Please be informed that there is no manual way to recover the deleted files. The Phoenix Data Recovery software performs a thorough scanning of the hard disk sector by sector and will locate the existence of deleted files to restore them back in the original condition. It is the only software that supports 185 popular file types including Windows NT Registry, JPEG, MP4, GIF, BMP and MS Word files. The software offers rich graphical support and incorporates advanced scanning methods to completely scan and recover deleted files from your hard drive. With this you can

• Recover FAT16, FAT32, VFAT, NTFS, and NTFS5 file system partitions
• Recover deleted emails
• Recover deleted documents
• Recover deleted photos
• Recover deleted music
• Formatted Hard-Drive recovery
• Recover files from USB Drives, CDs, DVDs and memory cards
• Recover almost all the camera format files

Visit the following links for more information on Stellar Data Recovery

1. Stellar Phoenix Data Recovery (for Windows)

2. Stellar Phoenix Mac Data Recovery (for Mac)

For Gmail

1. Login to your account

2. At the top-right corner, click on Settings

3. Under Settings, click on Filters

4. You’ll now see an option “Create a new filter“, click on it

5. Now in the From field enter the email address from which you do not want to receive the emails

For ex. you may enter john@gmail .com in the From field to block all incoming emails from this address. However if you want to block the whole domain then use the following syntax: *@xyz.com. Now all the incoming emails from the domain xyz.com will be blocked.

6. Click on Next Step, select the action you’d like to take on the blocked emails. You may select the option Delete it so that the blocked email is moved to trash. To unblock the email, all you need to do is just delete the filter that you’ve created.

For Yahoo

1. Login to your account

2. At the top-right corner, click on Options

3. A drop down menu appears, now click on More options

4. In the left panel select the option Filters and click on create or edit filters

5. Now click on Add

6. In the next screen, give a name to your filter and in the From header field enter the email address that you want to block.

Fox ex. john@gmail.com or if you want to block an entire domain then just enter @xyz.com. Dont enter *@xyz.com. Select the option Move the message to: Trash and click on Save Changes.

For Hotmail

1. Login to your account

2. At the top-right corner, click on Options

3. A drop down menu appears, now click on More options

4. Click on Safe and blocked senders link under Junk e-mail

5. Now click on Blocked senders

6. Type in the email address that you want to block under blocked e-mail address or domain field.

For ex. Enter john@yahoo.com to block the individual email address or just enter xyz.com to block the entire domain.

That’s it. You no longer receive those annoying emails in your inbox. Keep your inbox clean and tidy. I hope this post helps. pass your comments!

Most of us have experienced a situation where in we need to gain access to a computer which is password protected or at times we may forget the administrator password without which it becomes impossible to login to the computer. So here is an excellent hack using which you can reset the password or make the password empty (remove the password) so that you can gain administrator access to the computer. You can do this with a small tool called  Offline NT Password & Registry Editor. This utility works offline, that means you need to shut down your computer and boot off your using a floppy disk, CD or USB device (such as pen drive). The tool has the following features.

• You do not need to know the old password to set a new one
• Will detect and offer to unlock locked or disabled out user accounts!
• There is also a registry editor and other registry utilities that works under linux/unix, and can be used for other things than password editing.

How it works?

Most Windows operating systems stores the login passwords and other encrypted passwords in a file called sam (Security Accounts Manager). This file can be usually found in \windows\system32\config. This file is a part of Windows registry and remains inaccessible as long as the OS is active. Hence it is necessary that you need to boot off your computer and access this sam file via boot. This tool intelligently gains access to this file and will reset/remove the password associated with administrator or any other account.

The download link for both CD and floppy drives along with the complete instructions is given below

Offline NT Password & Reg Editor Download

It is recommended that you download the CD version of the tool since floppy drive is outdated and doesn’t exist in today’s computer. Once you download you’ll get a bootable image which you need to burn it onto your CD. Now boot your computer from this CD and follow the screen instructions to reset the password.

Another simple way to reset non-administrator account passwords

Here is another simple way through which you can reset the password of any non-administrator accounts. The only requirement for this is that you need to have administrator privileges. Here is a step-by-step instruction to accomplish this task.

1. Open the command prompt (Start->Run->type cmd->Enter)

2. Now type net user and hit Enter

3. Now the system will show you a list of user accounts on the computer. Say for example you need to reset the password of the account by name John, then do as follows

4. Type net user John * and hit Enter. Now the system will ask you to enter the new password for the account. That’s it. Now you’ve successfully reset the password for John without knowing his old password.

So in this way you can reset the password of any Windows account at times when you forget it so that you need not re-install your OS for any reason. I hope this helps.

1. Hacking Security Cameras

There exists many security cameras used for monitoring places like parking lots, college campus, road traffic etc. which can be hacked using Google so that you can view the images captured by those cameras in real time. All you have to do is use the following search query in Google. Type in Google search box exactly as follows and hit enter

Click on any of the search results (Top 5 recommended) and you will gain access to the live camera which has full controls. You will see something as follows

As you can see in the above screenshot, you now have access to the Live cameras which work in real-time. You can also move the cameras in all the four directions, perform actions such as zoom in and zoom out. This camera has really a less refresh rate. But there are other search queries through which you can gain access to other cameras which have faster refresh rates. So to access them just use the following search query.

Click on any of the search results to access a different set of live cameras. Thus you have hacked Security Cameras using Google.

2. Hacking Personal and Confidential Documents

Using Google it is possible to gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, Work experience etc. can be found just in seconds.

You can gain access to a list of .xls (excel documents) which contain contact details including email addresses of large group of people. To do so type the following search query and hit enter.

Also it’s possible to gain access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query

3. Hacking Google to gain access to Free Stuffs

Ever wondered how to hack Google for free music or ebooks. Well here is a way to do that. To download free music just enter the following query on google search box and hit enter.

Now you’ll gain access to the whole index of eminem album where in you can download the songs of your choice. Instead of eminem you can subtitute the name of your favorite album. To search for the ebooks all you have to do is replace “eminem” with your favorite book name. Also replace “mp3″ with “pdf” or “zip” or “rar”.

I hope you enjoy this post. Pass your comments. Cheers!

How to create a Password Protected Folder?

Step-1: Create a new folder (Right-click -> New -> Folder) and give it any name of your choice. For instance I name it as ABC.

Step-2: Now in this folder place all the important files, documents or any folders that you want to password protect.

Step-3: Now Right-click on this folder (ABC) and select the option Send To -> Compressed (zipped) Folder.

Step-4: Now a new compressed zipped folder gets created next this folder (ABC) with the same name.

Step-5: Double-click on this compressed zipped folder and you should see your original folder (ABC) here.

Step-6: Now goto the File menu and select the option Add a password.

ie: File -> Add a password

Now a small window will pop up and here you can set your desired password. Once the password is set, the folder will ask for the password every time it is opened. Thus you have now created the password protected folder.

How to make it Invisible?

Step-1: Now Right-click on this password protected folder and select Properties.

Step-2: At the bottom select the option Hidden and press OK. Now your folder gets invisible (hidden).

Step-3: In order to unhide this folder go to My Computer – >Tools -> Folder options. Switch to View tab, scroll down and under Hidden files and folders you’ll see the following two options

• Do not show hidden files and folders
• Show hidden files and folders

Now select the second option and press OK. Now the invisible folder becomes visible in it’s location. To access it you need the password. To make it invisible again repeat step -1 through step-3 and select the first option and click OK. Now the folder becomes invisible once again.

I hope you like this post. Pass your comments!! Cheers