How to Hack someones Bank Account

Method 1.

Top 7 steps to hack into someone’s bank account within 60 minutes without being caught.

The Lab experiment:

Herbert Thompson* in 2008 wanted to show the public how easy it was to access someone’s personal information and bank account.

He did the experiment on someone who he barely knew, a girl named mercy peters. Using the knowledge he knew about her, her name, where she was from, where she worked and roughly her age, he was able to access her bank account in ONLY 7 STEPS Highlighted below!!!

Read below to see how he did it – in the early days before Facebook!

Step 1

Google search. He googles her. Finds a blog and a resume. (Thompson called her blog a “goldmine.”) He gets information about grandparents, pets, and hometown. Most importantly he gets her college email address and current Gmail address.

Step 2
Next stop: Password recovery feature on her bank’s web site. He attempts to reset her bank password. The bank sends a reset link to her email, which he does not have access to. He needs to get access to her Gmail.

Step 3
Gmail access. He attempts to reset her Gmail password but Gmail sends this to her college email address. Gmail tells you this address’ domain (at least it did in 2008 when Thompson conducted the experiments) so he knew he had to get access to that specific address.

Step 4
College email account page. Thompson clicks the “forgot password” link on this page and winds up facing a few questions. Home address, home zip code and home country? No problem, Thompson has it all from the same resume. The same resume found from the simple Google search done earlier. Then came a stumbling block: the college wanted her birthday. But he only had a rough idea of her age, no actual birth date.

Step 5
State traffic court web site. Apparently, you can search for violations and court appearances by name! And such records include a birth date. (Facebook also makes this piece of data very easy to get even if people do not note their birth year… Remember Thompson knew roughly how old Kim was.) But he had no luck with the Department of Motor Vehicles.

Step 6
Thompson goes back to the blog and does a search for “birthday.” He gets a date but no year.

Step 7
Finally, Thompson attempts the college reset password again. He fills in her birth date, and simply guesses the year. He gets it wrong. But the site gives him five chances, and tells him which field has the error. So he continues to guess. He gets access in under five guesses. He changes her college password.

This gives him access to her Gmail password reset email. Google requires some personal information which he is able to get easily from her blog (e.g., father’s middle name.) Thompson changes the Gmail password and that gives him access to the bank account reset password email.

Here again he is asked for personal information, but nothing that he could not glean from Kim’s blog (e.g., pet name and phone number.) He resets the bank password and bingo, has immediate access to all her records and money.


Although the blessings of social media is extremely remarkable. However, precautions must be taken when sharing personal data, photos, more personal details about yourself on social media platforms like Facebook, twitter and Instagram.

Such hack should/might have been attempted on your account and sadly, if your bank account is vulnerable  you will be kissing good bye to all your hard earned monies.



We have covered lots of topics here, ranging from Fake bank account apps to Confirmed Ways to Create and Do Fake Bank Alerts In Nigeria and even fake check scams. All are strictly for educational purpose.

Disclaimer: This post is strictly meant for educational purposes only. To help ignorant people not to fall victim to online scammers. However, if you choose to use the tips from this post for other activities, you’re solely responsible for the consequences. CCNWORLDTECH will not be held responsible for anyone’s action.

How To Hack Bank Account

  1. Mobile Banking Trojans
  2. Phishing Method
  3. Keylogging Method
  4. Bank Message Method
  5. Sim swapping Method

1.Mobile Banking Trojans.

  • How to hack a bank account using Mobile Banking Trojans.
Until recently, having access to your bank account balance via mobile phones was a mirage. However the advent of Information technology (IT) has transform the global space and most especially the banking sector. Everyone can easily access their bank account statement and account balance without stress directly from the comfort of their homes.
Additionally, the availability of such unprecedented mobile and internet banking services using your  android phone has not come into existence without certain demerits. People now use bank apps for checking their account details and other related transactions; this however has created more vulnerability for attacks by fraudsters who uses  malware and certain viruses to perpetrate their heinous acts/crimes
This  scammers or hackers integrates the use of Trojans in the following ways: They create a replica of your Bank app and uploads it to third party sites for easy download. Unknowingly, you decided to download such app and you eventually enter your  appropriate online banking user name and password into it, and your case ends here.
The fake bank app will send the details to the hacker who will then mastermind the operation and sweep your bank account clean. They hijack app, these are just ordinary Trojan app on their own, not banking app.

When you download and install them, they will start scanning for banking app on your phone, when it detects a banking app, the malware quickly puts up a window that looks identical to the app you just booted, if this is done smoothly, the user won’t notice any swap and will enter his/her login details, which the app will send to the malware author.

  • How To Prevent Mobile Banking Trojans
When downloading any banking apps from the app store, keep an eye on the amount of downloads it has, if it has a very low amount of downloads and little to no reviews, then you should be rest assured that something is not right with such application. An official app for a very popular bank with a low download count it’s likely dangerous and a fake app. Alternatively, you can walk majestically into your bank and request for the appropriate app.

2. Phishing Methodhack-3671982_640-e1590446489733-9988575

Phishing simply involves creating a dummy website, like a clone of a popular website such as Facebook or a shopping site like Jumia. In this method, the hacker creates a website, typically an E-commerce Website, since he hopes to collect bank details. Then promotes the website through social media to get users. He might even reduce the price of the items in the shopping cart to get people to purchase. During the payment, the transaction is not secure, thus leading to the site administrator having access to the raw card details through the backend of the website.

The hacker collects as many card details as possible. The details to collect is the card number, name expiring date, and the CVV code. The hacker then uses the card details he has collected to make purchases online through the person’s account. Some Nigerian banks have a 2 step authentication process where they send an OTP to the registered number to verify the transaction. In this case, the card is not useful to the attacker. However, if you use the card to buy stuff from sites outside Nigeria (ie payment in foreign Currencies), it bypasses the OTP authentication.

Tools needed to achieve this.

  • Laptop with an internet connection
  • A website or a web developer as the case may be
  • Domain name and web hosting plan

3. Keylogging Methodcomputer-1591018_640-e1590445923124-4223564

Keylogging involves sending a Trojan horse to the target computer usually through an email or a push notification. The Trojan is installed in the person’s computer and relations undetected. The aim is to track activities on the keyboard. Let’s set the person who wants to make an online purchase.

He will enter his card details and login credentials which will be sent to the attacker via notification to a remote system. The information from this Trojan horse can be used directly to login to the victims’ accounts on virtually all platforms including their internet banking platform.

The attacker simply transfers the money from the amount to an account, usually to PayPal or through paystack, since there’s an end to end encryption. It will be difficult to track the transaction.

This method is very effective but requires knowledge of some technical stuff such as hacking. But the attacker can simply outsource the services of a hacker to develop the malware for them.

4. Bank Message Methodhacking-2903156_640-e1590445882284-3210866

At some point in time a lot of us have come across messages stating “Due to system upgrade, your account is at risk of being closed and requires immediate action. Contact 08********** to begin the reactivation process”.

That’s basically what this method entails in a not shell. Sending mass emails to different numbers with the hope of getting at least one victim to reply with their BVN and card details to help them reactivate. Once the victim calls to get help for their account activation, the hacker acts professionally to give the victim a sense of authenticity and validation.

They proceed and promise to help the victim but to do so, they will need the BVN and card details of the person. Some actually send them the requested details. The attacker will now make use of the card details to make purchases in foreign countries or transfer funds to their PayPal account.


Although this method is gradually becoming ineffective since most Banks are massively sensitizing their customers as to the invalidity of such messages. Some people still fall victim to such messages and hackers can use that to exploit and hack into people’s accounts. The tools needed to achieve this are listed below.

  • Bulk SMS Website
  • Laptop with an internet connection
  • List of active Nigerian numbers (some hackers randomly generate numbers using a software)

5.SIM Swapping

SMS authentication codes is currently one of the major hindrance most hackers are facing everyday whenever they try to scam vulnerable victims. Sadly, they have a way to dodge these  security checks, and they don’t even need your mobile phone to do it!

In order to perform a SIM swap, a hacker contacts your Internet service providers or network provider, claiming to be you. They state that they lost their phone, and that they’d like a transfer of their old number (which is your current number) to their SIM card.

If they’re successful, the network providers strips your phone number from your SIM and installs on the hacker’s instead. This is achievable with a social security number, as we covered in why 2FA and SMS verification isn’t 100% secure.

Once they have your number on their SIM card, they can circumvent SMS codes easily. When they log into your bank account, the bank sends an SMS verification code to their phone rather than yours. They can then log in to your account unimpeded and drain your account.


There you have it, as mentioned above this post is meant to educate and protect you by showing you how attackers hack bank accounts in Nigeria, and not intended as a means for defrauding others. Use this post wisely and at your own risk.

Previous articleDOWNLOAD MP3: Kaien Cruz Ft. Tellaman – Body
Editorial Staff at Information Resource and News Blog

Leave a Reply