Identity stealing on Internet is growing up, own username and password of social sites, e-mail inboxes, e-commerce sites, etc are always more at risk.
So it’s very imprtant to protect it from stealing attempts, here is a list of most common methods used by hackers:
social engineering
within e-mail or instant messaging you could receive messages where the sender is a fake of the real service and he asks your own credentials for any reason credenziali
phishing
very popular via e-mail or instant messaging, in this case the attacker attempts to acquire information by masquerading as a trustworthy entity in an electronic communication within a web page equal to the real service. You can easily discover that’s a fake page from the address, moreover modern antiviruses block the access to those pages.
keyloggers
keyloggers are a kind of malware that once are in execution in stealth mode in the victim’s pc they records all keys typed and then send data silently to the attacker
session hijacking
is an attack done with specific tools that allows to enter in the same session of the victim’s authenticated web service without this last has some warning/notice.
The condition to perform is that both the victim and the attacker must be in the same network.
Typical scenario is where the victim is connected with WiFi and the attacked join the same network (even if is protected, use some other tools to discover wireless keys).
To protect from this attack you can check your own wireless network and use SSL connection, where you can, to do site authentication.