QUIZ (or) MCQ
S/W (or) Computer Science
C++ (or) CPP
Current Affairs MCQ
Monthly Current Affairs MCQ
UPSC Previous Questions
UPSC 2022 Prelims Questions
UPSC 2021 Questions
UPSC 2020 Questions
UPSC 2019 Questions
Bootstrap 3 Plugins
Bootstrap 4 Plugins
Ethical Hacking - Interview Questions
Explain what is Brute Force Hack?
Recently Updated Interview Questions in Ethical Hacking
Is there any special OS that is used for hacking?
Yes, there are plenty of Operating systems available that are generally used for hacking. These are
Parrot Security OS
Network security toolkit
What's the difference between a hacked and spoofed account?
The hacker doesn’t need to take over your account to spoof your email. However, a hacked email account means that the attacker managed to gain full access to your email account. The emails that the hacker sends will genuinely come from your mailbox. However, in the case of spoofing, your account remains untouched. The email only appears to be originating from you, but it’s actually from a completely separate account.
How to protect yourself from email spoofing?
If you got an email from yourself with ransom threats, the first step is to stop and collect yourself. We’ve already touched on how easy it is to spoof an email. Panicking is playing into the attacker’s hands. What you’ll need to do then is to investigate the email header and check for the IP addresses,
validations. This will clear out whether the email came from your own account. If the validation fails, there’s nothing to worry about. If the email truly came from your own inbox, you need to act fast and take all precautions to protect your email and your identity.
Identifying email spoofing :
Incidentally, it’s incredibly easy to identify email spoofing. Aside from the obvious red flags, you only need to look at the full email header. It contains all the critical components of every email: From, To, Date and Subject. Also, there will be metadata on how the email was routed to you and where it came from. Most likely, it will also contain the verification results your internet service provider used to check if the sender’s server had the proper authorization to send emails using that domain.
How you check this data heavily depends on the service you’re using and will only work on a desktop. For Gmail, you’ll need to click three vertical dots next to the reply button and select “Show Original” from a drop-down list. For other services that you may be using, you can check
Here’s an example of a spoofed email that I sent to myself pretending to be a billionaire. In this case, the email filter caught it labeling it as spam, so it didn’t appear in my primary mailbox. I had to find it in the spam folder. Big yellow warning aside, you’ve got to admit, it looks pretty realistic.
Suppose I would have picked a lower-profile domain of a lesser-known company with fewer methods to verify. Well, there is still a lot that you can check. If you go to “Show Original“, you can see that SPF is indicated as SOFTFAIL, and DMARC is indicated as FAIL. This is enough to call out the email as spoofed. Some poorly maintained domains do not keep their SPF records up to date, failing validation.
If you want to go deeper down the rabbit hole, at the code level, you’ll see that Received: from, and Received-SPF domains do not match, as well as the IP addresses. This is a clear example of email spoofing. Remember, if IP addresses don’t match and SPF validation fails, this isn’t a genuine email. It doesn’t also hurt to check whether the Return-Path is the same as the sender’s email address.
New Technologies Interview Questions
Full Stack Developer
CPP (or) C++