No title

4 Ways To Hack Facebook

In this guide I'll show you ways that hackers (and even regular folks)
can hack into someone's Facebook account. Also I'll show you how
to prevent it from happening to you.

  Method 1: Reset the Password
The easiest way to "hack" into someone's Facebook is through
resetting the password. This could be easier done by people who are
friends with the person they're trying to hack.

• The first step would be to get your friend's Facebook email login.
If you don't already know it, try looking on their Facebook page
in the Contact Info section.
• Next, click on Forgotten your password? and type in the
victim's email. Their account should come up. Click This is my
account.
• It will ask if you would like to reset the password via the victim's
emails. This doesn't help, so press No longer have access to
these?
• It will now ask How can we reach you? Type in an email that
you have that also isn't linked to any other Facebook account.
• It will now ask you a question. If you're close friends with the
victim, that's great. If you don't know too much about them,
make an educated guess. If you figure it out, you can change the
password. Now you have to wait 24 hours to login to their
account.
• If you don't figure out the question, you can click on Recover
your account with help from friends. This allows you to
choose between three and five friends.
It will send them passwords, which you may ask them for, and then
type into the next page. You can either create three to five fake
Facebook accounts and add your friend (especially if they just add
anyone), or you can choose three to five close friends of yours that
would be willing to give you the password.
How to Protect Yourself
• Use an email address specifically for your Facebook and don't put that
email address on your profile.
• When choosing a security question and answer, make it difficult. Make it
so that no one can figure it out by simply going through your Facebook.
No pet names, no anniversaries—not even third grade teacher's names.
It's as easy as looking through a yearbook.
• Learn about recovering your account from friends. You can select the
three friends you want the password sent to. That way you can protect
yourself from a friend and other mutual friends ganging up on you to get
into your account.

Method 2: Use a Keylogger
Software Keylogger
A software keylogger is a program that can record each stroke on
the keyboard that the user makes, most often without their
knowledge. 
The software has to be downloaded manually on the
victim's computer. 
It will automatically start capturing keystrokes as
soon as the computer is turned on and remain undetected in the
background. 
The software can be programmed to send you a
summary of all the keystrokes via email.
CNET has Free Keylogger, which as the title suggests, is free. 
If this
isn't what you're looking for, you can search for other free keyloggers
or pay for one.
Hardware Keylogger
These work the same way as the software keylogger, except that a
USB drive with the software needs to be connected to the victim's
computer. 
The USB drive will save a summary of the keystrokes, so
it's as simple as plugging it to your own computer and extracting the
data. 
You can look through Keelog for prices, but it's bit higher than
buying the software since you have the buy the USB drive with the
program already on it.
How to Protect Yourself

• Use a firewall. Keyloggers usually send information through the internet,
so a firewall will monitor your computer's online activity and sniff out
anything suspicious.
• Install a password manager. Keyloggers can't steal what you don't type.
Password mangers automatically fill out important forms without you
having to type anything in.
• Update your software. Once a company knows of any exploits in their
software, they work on an update. Stay behind and you could be
susceptible.
• Change passwords. If you still don't feel protected, you can change your
password bi-weekly. It may seem drastic, but it renders any information a
hacker stole useless.

Method 3: Phishing
This option is much more difficult than the rest, but it is also the most
common method to hack someone's account. The most popular
type of phishing involves creating a fake login page. 
The page can
be sent via email to your victim and will look exactly like the Facebook
login page. 
If the victim logs in, the information will be sent to you
instead of to Facebook. This process is difficult because you will
need to create a web hosting account and a fake login page.
The easiest way to do this would be to follow our guide on how to
clone a website to make an exact copy of the facebook login page.
Then you'll just need to tweak the submit form to copy / store / email
the login details a victim enters. If you need help with the exact steps,
there are detailed instructions available by Alex Long here on Null
Byte. 
Users are very careful now with logging into Facebook through
other links, though, and email phishing filters are getting better every
day, so that only adds to this already difficult process. But, it's still
possible, especially if you clone the entire Facebook website.

How to Protect Yourself
• Don't click on links through email. If an email tells you to login to
Facebook through a link, be wary. First check the URL (Here's a great
guide on what to look out for). If you're still doubtful, go directly to the
main website and login the way you usually do.
• Phishing isn't only done through email. It can be any link on any website /
chat room / text message / etc. Even ads that pop up can be malicious.
Don't click on any sketchy looking links that ask for your information. Use
anti-virus & web security software, like Norton or McAfee.

Method 4: Stealing Cookies
Cookies allow a website to store information on a user's hard drive
and later retrieve it. These cookies contain important information used
to track a session that a hacker can sniff out and steal if they are on
the same Wi-Fi network as the victim. They don't actually get the login
passwords, but they can still access the victim's account by cloning
the cookies, tricking Facebook into thinking the hacker's browser is
already authenticated.
Firesheep is a Firefox add-on that sniffs web traffic on an open Wi-Fi
connection. It collects the cookies and stores them in a tab on the
side of the browser.
From there, the hacker can click on the saved cookies and access the
victim's account, as long as the victim is still logged in. Once the
victim logs out, it is impossible for the hacker to access the account.
How to Protect Yourself

• On Facebook, go to your Account Settings and check under Security. Make
sure Secure Browsing is enabled. Firesheep can't sniff out cookies over
encrypted connections like HTTPS, so try to steer away from HTTP.
• Full time SSL. Use Firefox add-ons such as HTTPS-Everywhere or Force-TLS.
• Log off a website when you're done. Firesheep can't stay logged in to your
account if you log off.
• Use only trustworthy Wi-Fi networks. A hacker can be sitting across from you
at Starbucks and looking through your email without you knowing it.
• Use a VPN. These protect against any sidejacking from the same WiFi
network, no matter what website you're on as all your network traffic will be
encrypted all the way to your VPN provider.
Protecting Yourself: Less Is More
Social networking websites are great ways to stay connected with old friends and
meet new people. Creating an event, sending a birthday greeting and telling your
parents you love them are all a couple of clicks away.

Facebook isn't something you need to steer away from, but you do need to be aware
of your surroundings and make smart decisions about what you put up on your
profile. The less information you give out on Facebook for everyone to see, the more
difficult you make it for hackers.

If your Facebook account ever gets hacked, check out our guide on getting your
hacked Facebook account back for information on restoring your account.
Previous Post Next Post

Contact Form