
[Discussion] How do Hackers hack your Facebook account? Check it out here!

2017-04-29 22:09:40
Here are the top methods used by hackers to hack Facebook. This is for educational purposes; please don't use these techniques for malicious purposes.





1 Phishing


Phishing is the most common technique used for hacking FB passwords. It is easy for anyone with a little technical knowledge to get a phishing page done, and that is why phishing is so popular. Many people become victims of phishing pages due to their trustworthy layout and appearance.





How does phishing work?


In simple words, phishing is the process of creating a duplicate copy of a reputed website's page with the intention of stealing a user's password or other sensitive information like credit card details. In our topic, that means creating a page which looks exactly like the Facebook login page but at a different URL like fakebook.com or faecbook.com or any URL which pretends to be legit. When a user lands on such a page, he/she might think it is the real Facebook login page asking them to provide their username and password. So people who do not find the phishing page suspicious might enter their username and password, and the password information would be sent to the Facebook hacker who created the phishing page; simultaneously the victim would get redirected to the original FB page.





Example: John is a programmer. He creates an FB login page with some scripts that enable him to get the username and password information. John puts this fake login page at https://www.facebouk.com/make-money-online-tricks. Peter is a friend of John. John sends a message to Peter: "Hey Peter, I found a free trick to make money online easily, you should definitely take a look at this https://www.facebouk.com/make-money-online-tricks-free". Peter navigates to the link and sees a Facebook login page. As usual, Peter enters his FB username and password. Now Peter's username and password are sent to John, and Peter gets redirected to a money making tips page, https://www.facebouk.com/make-money-online-tricks-tips-free.html. That's all; Peter's Facebook account is hacked. Learn more about phishing.





How could you protect yourself from online FB phishing?


Hackers can reach you in many ways, like email, personal messages, FB messages, website ads etc. Clicking any links from these messages would lead you to a Facebook login page. Whenever you find an FB login page, you should note only one thing, which is the URL, because nobody can spoof / use the Facebook URL except when there are some XSS zero-day vulnerabilities, but that's very rare.



What is the URL you see in the browser address bar?
Is that really https://www.facebook.com/ (the trailing slash is important since it is the only separator in Google Chrome to distinguish domain and sub-domain; check out the examples below to know the difference)?
Is there a green colour secure symbol (HTTPS) provided in the address bar?

Keeping these questions in your mind would prevent you from getting hacked by online phishing pages. Also see the below examples of phishing pages.


Some super perfect phishing pages are listed below.

Facebook Phishing Page – Note the misleading URL

Most people won't suspect this page (snapshot given above) since there is an https prefix with a green colour secure icon and no mistake in www.facebook.com. But this is a phishing page. How? Note the URL carefully. It is https://www.facebook.com.infoknown.com, so www.facebook.com is a subdomain of infoknown.com. Google Chrome does not differentiate the sub-domain and domain, unlike Firefox.



SSL certificates (HTTPS) can be obtained from many online vendors; a few vendors give an SSL certificate for free for 1 year. It's not a big deal for a novice to create a perfect phishing page like this. So be aware of it.



2 Social Engineering


This is the second most common technique of hacking Facebook accounts. Actually this method shouldn't come under hacking since not much knowledge is required for it. I am listing this method under hacking to keep the list of most common techniques used for FB account hacking in their respective order. Social engineering is basically a process of gathering information about someone whose account you need to hack: information like date of birth, their mobile number, their boyfriend's / girlfriend's mobile number, nickname, mother's name, native place etc.




How does social engineering work?


Security Question


This is another common method used to steal a Facebook user's password. Most people are unaware of this method, but traditional hackers use it to hack user accounts.




How does plain password grabbing work?


In this method, the Facebook hacker / attacker targets a particular low quality website where the victim is a member and hacks its database to get the stored plain username and password of the victim. How could the hacker / attacker then get access to Facebook? Many of us use the same password for FB and some poorxyz.com, so it's easy for a Facebook hacker to get your password through the low quality poorxyz.com. In another scenario, the Facebook hacker / attacker creates a website with the intention of getting the victim's password. Whenever a user signs up or registers an account using an email and creates a password, those details get stored in their db. So they get your email and password. Common people who use the same email and password for these kinds of low quality websites might end up getting their Facebook account hacked.




How could you protect yourself from Facebook Plain Password Grabbing?


You should never trust third party low quality websites; even passwords of popular websites like LinkedIn are getting hacked. So never ever trust third party low quality websites. Most website developers are storing plain passwords in the database without even thinking about encryption or security. This makes the Facebook hacker's job easy since the password is stored as plain text. The best way to prevent this method is to have a unique password at least for websites that you really trust. Don't use your FB password for any other website/portal, and then your password will never get exposed.





4 Key Logger

A key logger is a software tool used to record the keystrokes of a computer or mobile device. It records everything you type using your keyboard and stores it for use.





How does key logging work?




All keyloggers run in the background (except trial versions) and won't be viewable to users until you know the keylogger password and shortcut used to view it. It will record all the keys pressed and give you a detailed report of when and what keys are used for what application – simply a clean report to identify passwords. Anyone who is reading the keylogger logs might be able to see the Facebook password or any passwords typed and sensitive information like credit cards, bank username and password etc. Whenever you log in on a public computer, there are chances for you to get your password hacked.






In another scenario, your friend/colleague/neighbour could ask you to log in using their computer as a help. If their intention is to get your password, then you are most likely to get your FB account hacked.



Nowadays many people are using mobile key loggers, which enable tracking of the mobile keypad. So any sensitive information typed on a mobile could be hacked easily.
2017-04-29 22:09:40
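
The address-bar check described in the post above, as an added example that is not part of the original thread: it extracts the host a URL really points to and separates the genuine domain from the two tricks the post shows (the brand name placed in a subdomain, and a misspelled domain). The names `classify` and `levenshtein`, the two-label registrable-domain rule and the edit-distance threshold are assumptions made for this sketch.

```python
from urllib.parse import urlsplit

BRAND = "facebook"         # label the lookalike domains imitate
GENUINE = BRAND + ".com"   # the only registrable domain treated as real
MAX_EDITS = 2              # assumption: typo distance that counts as a lookalike

def levenshtein(a, b):
    """Single-character inserts, deletes or substitutions needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Classify a URL by the host the browser will actually connect to."""
    parts = urlsplit(url)
    labels = (parts.hostname or "").rstrip(".").split(".")
    if len(labels) < 2:
        return "unrelated"
    # Assumption: registrable domain = last two labels. This holds for the .com
    # hosts in the post; a production check would use the Public Suffix List.
    registrable = ".".join(labels[-2:])
    if registrable == GENUINE:
        return "genuine" if parts.scheme == "https" else "genuine-domain-no-https"
    if BRAND in labels[:-2]:
        return "brand-in-subdomain"   # www.facebook.com.<other>.com pattern
    if levenshtein(labels[-2], BRAND) <= MAX_EDITS:
        return "lookalike-domain"     # misspelled registrable domain
    return "unrelated"

# Hosts taken from the post; a scheme is added where the post gives a bare domain.
SAMPLES = [
    "https://www.facebook.com/",
    "http://www.facebook.com/",
    "https://www.facebook.com.infoknown.com",
    "https://www.facebouk.com/make-money-online-tricks",
    "https://fakebook.com",
    "https://faecbook.com",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{classify(u):24} {u}")
```
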

Master Bunny

Gobinda4 | from Redmi 3S

#1

Nice thread
2017-04-29 22:43:09

Semi Pro Bunny

K.Dilip kumar. | from Redmi Note 3

#2

Good thread, thanks for sharing.........
2017-04-29 22:59:00

Master Bunny

Shahid Ahmad Mir | from Redmi Note 3

#3

thanks for sharing
2017-04-29 23:36:53

Pro Bunny

Sai Charan Devalla | from Redmi 3S

#4

Good thread, very informative. Generally zero day is the main vulnerability for Facebook where only some higher officials of government can access for removing or decreasing cyber crime.
2017-04-29 23:51:07

Master Bunny

atultej | from Redmi Note 3

#5

Nice information.. thanks for sharing
2017-04-30 00:08:37

Semi Pro Bunny

Umesh Modi | from app

#6

thanks for sharing
2017-04-30 00:16:11

Grandmaster Bunny

naresh0218 | from Redmi 3S

#7

nice......
2017-04-30 02:09:05

Pro Bunny

Yash15 | from Redmi 3S

#8

thanks for information
2017-04-30 02:10:46

Pro Bunny

idhayabhanu | from app

#9

thank you.
2017-04-30 02:25:26

Master Bunny

FIBINPAUL | from Redmi Note 3

#10

good article
2017-04-30 02:51:30

Edison Raja
