
Posts Tagged ‘dsniff’

Wireless Network Identity Theft Example (technical)

Tuesday, November 30th, 1999

This is an Identity Theft example where a wireless hacker gains access to all your online accounts when you read your email over a wireless network.

Before you read any further, note that Wireless Personal Secure (Wifi Security Guy’s wireless security service) completely protects you and if you were using it the following would not happen to you. Click here to get this amazing protection or to learn more about it.

Setting: you use a wireless network (with or without a password) and check your email.

  1. If this network has a password on it, the hacker has already used kismet/airsnort/aircrack to break it. More than likely this network doesn’t have a password on it - over 80% of them don’t.
  2. Using kismet the hacker watches you check your email. Kismet records every packet you send on the network.
  3. Kismet records the email server you connected to, and the login name and password you used to get your email.
  4. The hacker lets Kismet collect wifi packets for several hours, usually during the peak times this wifi network is in use. If this is a nearby hotel the hacker collects packets through the evening, if it’s a cafe or sandwich shop the hacker collects packets during lunch.
  5. The hacker goes back home and runs dsniff on the capture files that kismet created. Dsniff dumps out all the servers and name/password combinations that kismet collected that day.
  6. The hacker gets your server and login name/password and sets up his email client to now download all your email into a special folder. You are completely unaware he’s doing any of this.
  7. The hacker monitors your email for several weeks, taking note of all the emails you get from online stores. The hacker compiles a list of all the stores that send you emails.
  8. After several weeks of silently collecting your emails and making a list of where you have shopped the hacker is now ready to strike.
  9. The hacker goes to each of your stores and has your password reset. To do this all he has to do is enter your email address and click “forgot password”. The online stores quickly oblige him by sending a new password to your email, which the hacker is receiving. The hacker takes note of each of the new passwords and quickly deletes those emails from your email server so you never see them.
  10. The hacker then returns to each of the stores with the new passwords and places orders.
  11. The hacker has the items sent to a different address, usually an apartment complex where UPS/FedEx just knock on the door and drop the package off.
  12. One thing about online stores these days: they don’t charge your card until the merchandise is ready to ship. The hacker will have the packages overnighted (why not, it’s not his money…) which means your card is charged and he receives the goods the very next day.
  13. Most people will never be aware they’ve even been charged until it’s too late - the hacker has long picked up the packages and can’t be caught.

Take note: all it took was the hacker gaining access to one thing (your email in this example). That’s how hackers work. They only need access to one thing, and from that they figure out how to gain access to other things. Another thing to note: the hacker never had to know your credit card numbers.

There are more complicated examples than this one, but this is certainly one of the easiest to understand.

Remember, everything you do on a wireless network can be seen by anyone else in the area. All it takes is one person deciding to record your activity and you can fall victim to identity theft very easily.

Identity Theft Tool: dsniff

Tuesday, November 30th, 1999

Identity Theft hackers love the dsniff tool. It automatically extracts login details, like names and passwords, for all the accounts being accessed on a wireless network. This article shows how hackers use it to get your information, what type of information they get, and what they can do with it.


Dsniff can be run in two different modes: “live” mode, where it extracts names and passwords from an active wireless network, or “delayed” mode, where it extracts names and passwords from a file that has all the network activity saved in it. This allows a hacker to use a tool like kismet to “passively” capture all the network activity and later extract all the login names and passwords when they go back home. It also lets a hacker record the activity of a “secured” network and crack the security at home, then extract all the login names and passwords that passed over the “secured” network. We will show how it’s used in “delayed” mode, since it’s the easiest and most convenient use for a hacker.

When kismet runs, it records everything sent or received over a wireless network in a “dump” file. In our example we have a file named ‘Kismet-Apr-15-2008-2.dump’. This particular file was collected from a local sandwich shop during lunch. Let’s see what dsniff can pull out of this file:

[Screenshot: dsniff capture screen]

Please notice we’ve smudged out all the login information. All in all there were 24 login names and passwords obtained in the course of that lunchtime. A hacker’s feast! In this little screenshot you can see a lot of pop logins captured. Pop (aka POP3) stands for “Post Office Protocol”; these are people logging in to read their email. Once a hacker has access to your email (as anyone who used kismet and dsniff as I did now would), he can commit Identity Theft against you; our article Wireless Network Identity Theft Example (technical) shows how.

As you can see the three most important pieces of information are displayed: (1) the server connected to, (2) the username on the email account, and (3) the password on that account. With those three pieces of information a hacker can now monitor all of these accounts and commit Identity Theft against them within just a few weeks.

There wasn’t enough screen space to show everything captured, so I’ve done another small screen shot so you can see other examples of the information captured:

[Screenshot: dsniff capture screen]

The first entry (starting with “GET /sas/LoginSubmit”) is a web browser that is opening a “secured” page. Notice dsniff pulls out the Account ID, Username, and Password (look on that same line and you’ll see the entries, I’ve smudged out the user name and password to protect the user).

The second entry is a vulnerable snmp server. It’s a little complicated (and beyond the scope of this article), but with an unsecured snmp server around a hacker can break into the system and use it to exploit more users and gain more information.

So as you can see dsniff is a powerful tool that extracts login information on a wireless network (or file with all the network activity saved in it). The login information contains all the names, passwords, and which servers those names and passwords work on. The hacker then uses this information to commit Identity Theft. How a hacker can use this information to commit Identity Theft is covered in this article: Wireless Network Identity Theft Example (technical).
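The POP logins and the “GET /sas/LoginSubmit” entry described above are exposed for the same reason: the password crosses the air before any encryption is negotiated. The following is an added example, not code from the original article or from dsniff, that audits the client side of one of your own connections and reports how it exposes a password without ever returning the secret. It goes slightly beyond the article by also covering IMAP LOGIN and HTTP Basic; the parameter names in SECRET_PARAMS and all sample streams are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Query-parameter names treated as secrets (an assumption of this example).
SECRET_PARAMS = {"password", "passwd", "pass", "pwd"}
# Commands after which the rest of the stream is TLS-protected.
UPGRADE = re.compile(r"^(?:\S+ )?(?:STLS|STARTTLS|AUTH TLS)\s*$", re.I)
# POP3/FTP "PASS x" and IMAP "<tag> LOGIN user x" carry the secret in the clear.
PASS_CMD = re.compile(r"^PASS \S", re.I)
IMAP_LOGIN = re.compile(r"^\S+ LOGIN \S+ \S", re.I)
HTTP_REQ = re.compile(r"^(?:GET|POST) (\S+) HTTP/1\.[01]$")
BASIC_AUTH = re.compile(r"^Authorization:\s*Basic\s+\S", re.I)


def audit_stream(client_lines, tls_from_start=False):
    """List how one client-to-server stream exposes a password to a passive
    listener. Findings name the mechanism only; secrets are never returned."""
    if tls_from_start:           # e.g. POP3S or HTTPS: nothing readable on the air
        return []
    findings = []
    for raw in client_lines:
        line = raw.strip()
        if UPGRADE.match(line):  # everything after this line is ciphertext
            break
        if PASS_CMD.match(line):
            findings.append("PASS command sent in cleartext")
        elif IMAP_LOGIN.match(line):
            findings.append("IMAP LOGIN sent in cleartext")
        elif BASIC_AUTH.match(line):
            findings.append("HTTP Basic credentials sent in cleartext")
        else:
            m = HTTP_REQ.match(line)
            if m:
                params = parse_qsl(urlsplit(m.group(1)).query, keep_blank_values=True)
                hits = sorted({k.lower() for k, _ in params} & SECRET_PARAMS)
                findings += [f"password in URL query parameter '{k}'" for k in hits]
    return findings


# Constructed sample streams (not taken from the capture in the article).
POP3_PLAIN = ["USER alice", "PASS example-secret", "STAT", "QUIT"]
POP3_STLS = ["CAPA", "STLS"]  # the login that follows is encrypted
HTTP_GET = ["GET /login?user=alice&password=example-secret HTTP/1.1",
            "Host: shop.example"]

if __name__ == "__main__":
    for name, s in [("pop3", POP3_PLAIN), ("pop3+stls", POP3_STLS), ("http", HTTP_GET)]:
        print(name, audit_stream(s) or "no cleartext credentials")
```

An empty result means the stream gave a passive listener nothing to read, either because it was TLS from the first byte or because the client upgraded before sending the login.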