Thursday, December 17, 2009

How to Hack a Facebook Account? or How Your Facebook Account Can Be Hacked – Part 1

A thought just came to me right now, sitting behind my desk with nothing to do. Guess the old saying is really true, the one about the devil and how he finds job for . . . “would it be possible to just HACK into her private Facebook account?” Looking at the messages in my google search results, I see a growing trend of people who desired to get into other people’s business. Perhaps they’re acquaintance that aren’t close enough to be friends, or they’re looking for their potential dates’ secret profile, or worse they’re after your identity for identity theft. In the coming few articles, we’ll look at the implication of Social Networking as it relates to your privacy, what to look for and how to be careful. We’ll look into real scenarios of how your security maybe compromised, unless you’re careful.

The 64,000 dollar question: what does it take to gain access to someone’s profile?

Facebook Profile

For most of us who aren’t geniuses or super-technical, you may thought this is impossible. But when you think about it, it really isn’t rocket science. All you need is some creativity and not afraid to break the law. But because I am, the following describes hypothetical possible scenarios only. None has been attempted by me or anyone related to me, and all the screens related are mocked up for the purpose of illustrations only. The whole objective is to make you aware of the importance of security when using social networks such as Facebook. And at the end we’ll tell you how to protect yourself. But if you don’t see how easy it is for someone to view your profile, you’ll less likely to take precautions.

First thing to remember is when you get a friend request from someone, how do you know that person is a real request or a fake request? This is the key!!!!

Think about this, imagine if a stalker searched for ‘Paris Hilton’, someone that he/she is interested to find out more about. And this is our hypothetical target for discussion.

Search Profile

Next you can click on ‘View Friends’ and you’ll see a list of friends that’s connected to Paris. A potential stalker could then use this publicly available information by taking down the names, network and save the profile picture to their hard disk for later use.

facebookhack103.jpg

With the friends of Paris information collected, the next part involves setting up a new Facebook account by using one of Paris’ friends identity. Thanks to the user-friendliness of Facebook, you can do this in less than 60 seconds.

Sign Up

Profile Editing

Once the account is ready, the stalker would now be creating a fictional profile by uploading the friend’s picture that he downloaded as well as any info related such as Name or school information. Using this new identity, the stalker then invites Paris to ‘Add as friend’.

facebookhack106.jpg

And soon,Paris receives a friends request, thought that she knew the friend and accept the invitation. And that’s it!!! Paris loses her privacy when she clicked the confirm button if she’s not careful. The fact is, it’s quite hard to verify a friend’s request when the name and photo appear as who they are. And this is all part of social engineering…without much hacking involved, and you could be losing your personal information in no one if you’re no careful. Of course one purpose of this article is to shock you into knowing the truth, but the other is for you to know how to protect yourself.

So how do you deal with this?

First way to deal with this is to setup a limited profile list so that only a list of people can see your profile, you’ll have to explicitly to add new friends to that list to allow them to see your profile. Secondly, be sure to add people to the list that you don’t want to share your entire profile with. Well in our case, it’s someone we know, so how do we know if its real?

facebookhack107.jpg

  1. Set yourself a rule to add friends only, don’t add strangers.
  2. Look at the name and picture carefully. Also click on the “Name” to see the complete profile. If the profile has little details, then chances are it could be a made-up account.
  3. Look for the “You have no friends in common” line. If this person is a friend of yours, there should be some connections.
  4. If this person who’s inviting you is a brand new Facebook user with no friends, then pick up a phone. If he/she is a real friend, you’d probably have something in common to chat about. Call him/her up and find out if there’s a genuine request from them. Always be careful rather than be sorry.

You know, alot of people tend to have alot of friend requests to deal with that they simply look at the name and picture only, and then click the “Confirm” button. Don’t be one of these people. Always be careful.

In the next article,we’ll talk about something more serious, on why you should be super-careful, especially when by now, you think someone seeing your profile is not really such a big deal.

Post a Comment