Facebook is, undoubtedly, the most popular social networking
website with more than 500 million active users. Due to its popularity, many
hackers (or should I say crackers?) are actively involved in hacking Facebook
accounts of unsuspecting users. This article outlines the many strategies that
such hackers use to gain access to Facebook accounts of hundreds of users each
day and how you can stop them from hacking your account.
Email Address Hack
I have always been puzzled by Facebook's leniency in this
matter. All a hacker needs to do is know your name and he will be conveniently
shown your email address on your profile. A hacker can then easily hack
your Facebook account (and everything else associated with that email id) if he
'guesses' your password (if you use a weak password) or answers your security
question! This is something I hope Facebook improves on quickly. Until Facebook
does so, here are some tricks you can use to protect yourself from this
vulnerability.
How to safeguard your Email Address?
Just follow these steps:
1. Hide your email address from everyone by going to Edit
Profile > Contact Information, clicking on the icon beside your email
address and checking 'Only Me'.
2. Change your primary email address to one that is only
known to you by going to Account Settings > Email, changing your
primary email to the new one (known only to you) and removing your previous
email address.
3. For additional security, when in Account Settings, check
'Secure browsing' and 'Send me an email when a new computer or mobile device
logs into this account' and click Save.
Phishing
Phishing is one of the easiest ways to trick users into
giving out their login credentials. All a hacker does is set up a webpage
similar in design to the Facebook homepage and attach a server-side
script that tracks the username and password entered and stores them in a log.
Sending people emails in Facebook's own format, stating that someone tagged a
photo of them on Facebook and giving a link below to the phishing website,
further reduces the chances of it being detected as a fake. Sometimes, spam
Facebook apps, like those promising to tell who viewed your Facebook profile, automatically
post links to phishing websites. A new trend amongst phishers is creating
Facebook lookalike widgets for stealing users' login credentials.
How to prevent yourself from being phished?
At all costs, avoid clicking on suspicious links. Moreover,
always check the URL in the address bar before signing in. Avoid logging in
through various "Facebook widgets" offered by websites and blogs.
Instead, use Facebook's homepage to sign in. Always try to use Safe Search
while searching. If you do manage to get phished, report the website so that
others may get a warning before visiting it.
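
The advice to check the URL before signing in, shown as an added example (not part of the original article): a JavaScript check that extracts the real host from a link and rejects the common look-alike forms. The trusted domain constant, the function name checkLoginUrl and the sample links are assumptions constructed for illustration.

```javascript
// Added example, not from the original article.
// Assumption: facebook.com is the only domain trusted for sign-in here.
const TRUSTED_DOMAIN = "facebook.com";

// Returns { ok, reason } for a link the user is about to sign in through.
function checkLoginUrl(link) {
  let url;
  try {
    url = new URL(link); // WHATWG parser, the same rules browsers apply
  } catch {
    return { ok: false, reason: "not a valid absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not HTTPS" };
  }
  // "https://facebook.com@host/" : text before @ is userinfo, not the site.
  if (url.username || url.password) {
    return { ok: false, reason: "userinfo before @ hides the real host" };
  }
  const host = url.hostname.replace(/\.$/, ""); // drop a trailing root dot
  // Non-ASCII look-alike letters are converted to punycode ("xn--") labels.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "punycode label in host" };
  }
  // Match the registered domain at the END of the host, on a label boundary.
  if (host === TRUSTED_DOMAIN || host.endsWith("." + TRUSTED_DOMAIN)) {
    return { ok: true, reason: "host is " + host };
  }
  return { ok: false, reason: "real host is " + host };
}

// Constructed sample links (example domains are placeholders).
const samples = [
  "https://www.facebook.com/login.php",
  "http://www.facebook.com/login.php",
  "https://www.facebook.com.login.example/",
  "https://facebook.com@login.example/",
  "https://notfacebook.com/",
  "https://f\u0430cebook.com/", // Cyrillic "а" in place of Latin "a"
];
for (const s of samples) {
  const r = checkLoginUrl(s);
  console.log((r.ok ? "OK    " : "REJECT") + " " + r.reason + "  <-  " + s);
}
```

Only the first sample passes; the others fail on the scheme, on the host that actually follows the trusted name, or on disguised characters.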
Keylogging through Keyloggers
A keylogger is a type of computer virus that tracks
keystrokes. Keyloggers can be installed remotely on a computer system by a
cracker to record all the activity taking place on the victim's computer.
Keylogging gets easier if the hacker has physical access to the victim's
computer.
How to stop keyloggers?
Install a good antivirus and update it frequently. Do not
click on suspicious links and avoid downloading illegal software. Also, avoid
installing free toolbars and other such spam software. Always scan
other people's flash and pen drives before using them on your computer.
Social Engineering
Social engineering involves using any trick to fool the user
into making himself vulnerable to exploits. This could involve anything from
spoof emails that pretend to be from Facebook and tell you to change your
password to 12345678, to a hacker maliciously drawing out the answer to your
security question in a friendly chat or discussion.
How to prevent yourself from being socially engineered?
Stay aware during chats and discussions. Use a tough
security question, preferably one whose answer you would never disclose to
anyone. Moreover, Facebook, or any other company for that matter, will never
ask you to change your password to 12345678 or do something as silly as asking
you to send out your login details to prove that you are an active user. Always
think before taking actions and your e-life on Facebook will be safe from
hackers looking to hack Facebook accounts.