Facebook is, undoubtedly, the most popular social networking website with more than 1 billion active users. Due to its popularity, many hackers (or should I say crackers?) are actively involved in hacking Facebook accounts of unsuspecting users. This article outlines the many strategies that such hackers use to gain access to Facebook accounts of hundreds of users each day and how you can stop them from hacking your account.
Email Address Hack
Most people leave their email addresses visible on their Facebook profiles. All a hacker then needs to do is know your name and he will be conveniently shown your email address at your profile. Also, most people share their email ids everywhere. How easily a hacker can then hack your Facebook account (and everything else associated with that email id) if he 'guesses' your password (if you use a weak password) or answers your security question! Here are some tricks you can use to protect yourself from this vulnerability.
How to safeguard your Email Address?
Just follow these steps: -
• Hide your Email Address from everyone by going to Edit Profile>Contact and Basic Info>Clicking on the gear icon beside your email address> checking 'Only Me' if you have not done so already.
• Change your primary email address to a one that is only known to you by going to Settings>Email> and changing your primary email to the new one (known only to you) and removing your previous email address.
• For additional security, when in Account Settings, enable Login alerts to receive notifications and emails when a new computer or mobile device logs into your account.
• Also, enable Login Approvals to receive a code on your mobile phone to login whenever your Facebook account is accessed from an unknown device. Login Approvals will need you to have added a mobile number to your Facebook account.
• Moreover, enable two factor authentication to access your email addresses on your email provider's website as well to make sure that no hacker can exploit them to hack into your Facebook account.
Phishing is one of the easiest ways to trick users into giving out their login credentials. All a hacker does is setup a webpage similar in design to that of the Facebook homepage, attach a server sided script to track the username and password entered and store it in a log. Sending people emails stating that someone tagged a photo of them on Facebook in the same format as Facebook and giving a link below to the phishing website further reduces the chances of it being detected as a fake. Sometimes, spam Facebook apps, like those promising to tell who viewed your Facebook profile, automatically post links to phishing websites. A new trend amongst phishers is creating Facebook look-a-like widgets for stealing user's login credentials.
How to prevent yourself from being phished?
At all costs, avoid clicking on suspicious links. Moreover, always check the URL in the address bar before signing in. Avoid logging in through various "Facebook widgets" offered by websites and blogs. Instead, use Facebook's homepage to sign in. Always try to use Safe Search on search engines while searching. If you do manage to get phished, report the website so that others may get a warning before visiting it.
Keylogging through Keyloggers
Keylogger is a type of computer virus that tracks key strokes. Keyloggers can be installed remotely on a computer system by a cracker to record all the activity that is going on the victim's computer. Keylogging gets more easy if the hacker has physical access to the victim's computer.
How to stop keyloggers?
Install a good antivirus and update it frequently. Do not click on suspicious links and avoid downloading illegal software. Also, avoid installing free toolbars and other such spam software. Always scan third-person's flash and pen drives before using them on your computer.
Social engineering involves using any trick to fool the user into making himself vulnerable to exploits. This could involve anything from sending spoof emails, pretending to be from Facebook, telling you to change your password to 12345678 to a hacker maliciously getting out the answer to your security question in a friendly chat or discussion.
How to prevent yourself from being socially engineered?
Stay aware during chats and discussions. Use a tough security question, preferably one whose answer you would never disclose to anyone. Moreover, Facebook, or any other company for that matter, will never ask you to change your password to 12345678 or do something as silly as asking you to send out your login details to prove that you are an active user. Always think before taking actions and your e-life on Facebook will be safe from hackers looking to hack Facebook accounts.