A few weeks ago I received a Facebook message from an acquaintance of mine asking for a favor. The favor? Please click on this link and my page will receive 1000 likes. I have to admit the link looked suspicious but I opened it regardless. However, it hit me when the page asked me to enter my login credentials. A classic case of phishing!
Hackers are unleashing their wrath on Facebook, yet again! There have been several cases noted by us, and a majority of the victims have been female. Hackers are sneaky nowadays. They are usually after photos which they can use in fake accounts or on pornographic websites.
We want all of you to browse safely and beware of such attacks, so we made a detailed compilation. There are several techniques for hacking accounts; some of them have become obsolete and some are favorites with hackers nowadays. Here’s a detailed guide on the common tactics being used by hackers these days and how to secure yourself!
The Most Common Tactic
There are several ways to hack a Facebook account, but the most common technique being used by hackers nowadays is phishing. Phishing is a technique wherein a person posing as a trustworthy entity acquires your usernames, passwords, and other sensitive information.
You may get a message from a friend of yours asking you to click on a link for whatever reason. Considering them trustworthy, you will do as they say. But what you may not know is that your friend was hacked too. These links will almost always ask you to enter your login credentials to continue. Once you do that, boom! There goes your account. Once they have access to your credentials, they can target your friends, and this vicious cycle goes on. But all is not lost. We’ll also talk about what to do when your account gets compromised.
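The check to make before typing a password into a page reached from such a link, written out as an added example (not part of the original article): it tests whether the link's hostname really belongs to facebook.com. The function name, the trusted-domain constant and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: only facebook.com and its subdomains may
# legitimately ask for a Facebook password.
TRUSTED_DOMAIN = "facebook.com"

def check_login_link(url: str) -> tuple:
    """Return (is_trusted, reason) for a link that leads to a login form."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False, "unparseable url"
    if parts.scheme != "https":
        return False, "not https"
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "no hostname"
    # Userinfo trick: in https://facebook.com@other.example/ the brand name is
    # only a "username"; the browser connects to the host after the '@'.
    if parts.username is not None:
        return False, "userinfo before hostname"
    # Non-ASCII or punycode labels can render as look-alike letters.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "internationalized hostname"
    # The hostname must BE the trusted domain or END with ".<trusted domain>";
    # merely containing the brand name is not enough.
    if host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN):
        return True, "trusted"
    return False, "different domain"

# Constructed sample links (the .example hosts are reserved, not real sites).
SAMPLES = [
    "https://www.facebook.com/login",
    "http://www.facebook.com/login",
    "https://facebook.com.get-likes.example/login",
    "https://facebook.com@get-likes.example/login",
    "https://f\u0430cebook.com/login",  # Cyrillic 'a' in place of Latin 'a'
    "https://notfacebook.com/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, reason = check_login_link(link)
        print(("OK   " if ok else "STOP ") + ascii(link) + " -> " + reason)
```
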
Other Less Common Tactics
There are several other ways to hijack accounts and grab their details but they have mostly gone obsolete when it comes to hacking online accounts.
1. DNS Spoofing
DNS spoofing is an attack wherein the hacker can redirect your traffic to a machine they control. It is fairly common but can be mitigated if you use HTTPS websites (very common now) or the secure shell (SSH) login program. Users can check whether the server’s certificate is valid before proceeding with the session.
2. Man-in-the-middle attacks
Man-in-the-middle attacks allow an attacker to intercept communication between two parties. However, these are not very common these days, particularly since the arrival of HTTPS. Most websites have now shifted to HTTPS. A few months ago, millions of WordPress websites also upgraded in a massive shift. SSL ensures secure communication over a computer network, so such an attack will be rendered powerless.
3. Cookie Hijacking
Cookie hijacking is the exploitation of a valid computer session, or rather of its session key. A stolen cookie lets the attacker authenticate as the user to a remote server. It can be easy to do if the attacker gets access to saved cookies on the victim’s computer. However, this type of attack is also not prevalent these days, primarily because browsers now keep information like cookies and passwords encrypted.
4. RAT Attacks
RAT (Remote Access Trojan) attacks are very lethal. They usually make their way into your computer via suspicious attachments or links. Once your computer has been compromised by a RAT, the intruder gets full administrative control over your PC and can do basically anything. But the good news is that today’s antiviruses are very sharp and will warn you if you’re about to step on a RAT trap.
How To Secure Yourself
While hackers can be brutal in their attacks on your personal information, luckily there are ways to save yourself.
Like I said before, do not click on suspicious links. But if somehow you have fallen into a trap, you need to be ready.
- Enable login notifications. This way whenever you or anyone logs into your Facebook account you will automatically be notified. In order to do that go to Home -> Settings -> Security -> Login Alerts.
- Add login approvals. Once you have enabled this, anyone trying to access your account from an unknown device or browser will be asked to enter a security code, which is sent only to the mobile number you entered. Don’t share this passcode with anyone. Home -> Settings -> Security -> Login Approval.
- Check your active sessions. If you get an inkling that your account has been compromised, the first thing to do would be to check your active sessions. Home -> Settings -> Security -> Where You’re Logged In. If you see any unknown activity going on, promptly click on ‘End Session’.
In case your account gets compromised, immediately change your password. If you happen to be Facebook friends with someone who is sending you weird stuff, don’t judge them. Quickly notify them about this unusual activity. Both of you need to update your passwords ASAP in such a scenario.
Furthermore, keep a dual security check on your email accounts so that you are notified in case of suspicious activity. Also, never use the same or similar passwords for any of your accounts. Reusing passwords only makes the job easier for the hacker. And that’s not what we want!
May all your browsing sessions be secure!
If you have anything to add to the story, feel free to leave a comment.