The Facebook support team is working to maintain the trustworthiness of the site. Since hackers cannot just attack a well-secured site, they prey on its users to gain front-door access to Facebook. Below are the top 4 hacking tricks used to get into your Facebook account and the ways to evade them.
Phishing
Definition: This is the easiest method of harvesting Facebook accounts and passwords. Hackers create a membership account on hacking sites so they can download a ready-made fake login page that looks exactly like the Facebook login page. They buy a Facebook-like domain where they can upload and publish the fake login page. Users unaware of this technique can easily type in their login information. The page reloads and the user is directed to the main Facebook page to log in again. This does not happen on Facebook alone; all email accounts, PayPal and other high-traffic sites have been phished before.
Solution:
Look at the URL: it should be http://facebook.com or your proper email URL, not anything else.
Type the URL directly instead of following it from some other page. You can also bookmark and save the correct URLs in your browser.
If the page mysteriously reloads, shows an error even though you logged in correctly, or directs you somewhere else, report the suspicious URL to the site's support.
If you have any suspicion of hacking, change your passwords immediately.
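The URL check from the first item above, written out as a small Python function. This is an added example, not part of the original article; the function name and the sample URLs are constructed for illustration. It goes slightly beyond the text by also rejecting an "@" in the address and non-ASCII look-alike letters, and it assumes both http and https are acceptable.

```python
from urllib.parse import urlsplit

# Sites the user really intends to log in to (assumption for this example).
TRUSTED_DOMAINS = ("facebook.com",)

def check_login_url(url, trusted=TRUSTED_DOMAINS):
    """Return (ok, reason) for a URL you are about to type a password into."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False, "malformed URL"
    if parts.scheme not in ("http", "https"):
        return False, "not a web URL"
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return False, "no host name"
    if parts.username is not None:
        # Anything before '@' is login data, not the site being contacted.
        return False, "text before '@' is not the site name"
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "look-alike characters in host name"
    for domain in trusted:
        # Exact match or a true subdomain such as www.facebook.com.
        if host == domain or host.endswith("." + domain):
            return True, "host belongs to " + domain
    for domain in trusted:
        if domain.split(".")[0] in host:
            return False, "brand name used inside a different domain"
    return False, "unrelated host"

# Constructed sample URLs; example.net and example.org are reserved names.
SAMPLES = [
    "http://facebook.com/login.php",
    "https://www.facebook.com/",
    "http://facebook.com.login.example.net/",
    "http://facebook-login.example.net/",
    "http://facebook.com@login.example.net/",
    "http://f\u0430cebook.com/",   # second letter is Cyrillic, not Latin "a"
    "http://example.org/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        ok, reason = check_login_url(sample)
        print(("OK   " if ok else "STOP ") + ascii(sample) + " -> " + reason)
```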
Keylogging
Definition: A hacker needs physical access to a computer to harvest login information, so they design a keylogger: software intended to be downloaded and installed on the computer without the owner's knowledge. It is basically a little script included in freeware (like a cracked version of an application you want). Keyloggers are considered data thieves. This is another hacker favorite after phishing.
Solution:
Make sure anything you download is clean. One trick I learned is using Malwarebytes, software specifically designed to check items downloaded from the internet for malware. Scan the items first before installing them.
Use the Web of Trust (WOT) add-on to make sure the source website is a trusted site. You can also rate the site's trustworthiness, so others are warned too if you stumble upon a malicious site.
Be wary of websites that require you to download other software or a toolbar before you can download the item you want. Torrent files also come with other files aside from the movie you are downloading. Uncheck unnecessary items in the torrent pop-up so they are not included in the seeding process.
Social Engineering
Definition: Here a hacker uses candid information collected from the victim to guess the name and password for the account. This requires some rubbing elbows with the victim (a former boyfriend, old enemies, etc.), where the hacker, posing as a friend, asks some leading questions in order to arrive at the correct password. This reminded me of some old spy movies where the secret agent gets a password by guessing or conspicuously asking it from the owner. This can happen since it is our natural tendency to use basic information we can easily remember.
Solution:
Do not use obvious information such as children’s names, birthdays and usernames as passwords.
Limit the information you publish on the web to professional and basic contact information only.
Never share your password casually with others, even with friends.
The more different your passwords are from your basic information, the better.
Do not use whole words as passwords; combine letters with numbers and characters such as @, $, or _.
Write your list of passwords in paper notes, not in the computer's notepad.
Change your password once a month.
Email Hack
Definition: This can be done when the hacker has already hacked the primary email inbox you use with Facebook. All they then need to do is use the “Forgot Password?” trick. Once the password reset link is sent to your mailbox, the hacker can use this link to access your Facebook account.
Solution:
Check your primary email once in a while; you will notice that you are receiving more spammy emails than before.
You can also catch emails that require action (such as activation emails and password resets) even though you know you did not request such action.
Check with your friends whether they have received suspicious email messages from your address.
When your email is already compromised, change your password or completely delete the email account. But before you do, make sure to reset the Facebook password and set another email to use in the Facebook Account Settings.
Set your Facebook security to its tightest settings.
There are still other ways hackers can think of. If you happen to discover other methods, let us know. Let us help each other stay safe online by sharing information publicly.