When you create an account on any website, whether a Social Networking Website or a blogging website, you usually add your username and password and press register, this is quite simple, but this is what hackers benefit from.
Let's take an example of Facebook.
Assume that you have a Facebook account that you have been using for many years. Now, you will be getting notifications in your registered email ID as well.
Hackers usually get the email IDs through various frauds or data leaks that might have happened around the world and the data is sold on different online forums as well. Sometimes directly on websites like "exploit" or through the Dark Web.
So, hackers have your email ID. Now what they will do is, they will create a similar-looking page that will resemble the login page of Facebook, and will send you an email, that will say something like below;
Important Message!
Your Facebook Account is Going to Get Deactivated. Click Here to Login to Your Account and Change Settings,
Thanks,
Facebook Team
And when you will see something like this, many of you will get scared and will click on the link that has been embedded in the email and will be transferred to the Facebook page, which has a similar login procedure.
You will see a username and password section just like on any Facebook page, and then you will add your username or email and password.
Now, when you click on Login, it will say login failed or successful, depending upon what the hacker has coded in the page, and your email ID and password will be sent to the hacker.
This is not only with Facebook but with any website in the world, that asks you to log in. This can be done with Gmail Accounts, with your banking websites, or even with your share market accounts, and once they have your email IDs and passwords, they can use it anytime they want and change the password and now you cannot access your accounts.
How can we be safe from these kinds of attacks?
One of the best ways to keep yourself safe from these kinds of attacks is by learning what Hacking is and are different ways hackers can compromise your accounts.
Then you should follow some basic steps;