1) Phishing :
The first and very basic way of hacking Facebook accounts is
via Phishing. Phishing is actually creating fake web pages to
steal user’s credentials like email,passwords,phone no,etc.
DRAWBACK :
Users nowadays are aware of these type of attacks and one
can not be easily fooled using this attack. You need some social
engineering to trick someone.
‘
Prevention :
Always check the page URL before logging in. This is the most
trusted and effective way one can use to avoid himself from
phishing.
Other way is to use some good Antivirus software which will
warn you if you visit a harmful phishing page.
Even if somehow you have already entered your credentials in
a phisher, Immediately Change your password.
------------------------------
2) Keylogging :
This is another good way of hacking Facebook accounts. In this
type of attack a hacker simply sends an infected file having
keylogger in it to the victim. If the victim executes that file
on his pc, whatever he types will be mailed/uploaded to
hacker’s server. The advantage of this attack is that the
victim won’t know that hacker is getting every Bit of data he
is typing. Another big advantage is that hacker will get
passwords of all the accounts used on that PC.
DRAWBACK :
Keyloggers are often detected as threats by good antiviruses.
Hacker must find a way to protect it from antivirus.
Prevention :
Execute the file only if you trust the sender.
Use online scanner such as novirusthanks.org
Use good antivirus and update it regularly .
------------------------------
3) Trojans/backdoors :
This is an advanced level topic. It consists of a server and a
client. In this type of attack the attacker sends the infected
server to the victim. After execution the infected server i.e.
Trojan on the victim’s PC opens a backdoor and now the hacker
can do whatever he wants with the victim’s PC .
DRAWBACK :
Trojans are often detected as threats by good antiviruses.
Hacker must find a way to protect it from antivirus.
Prevention :
Execute the file only if you trust the sender.
Use online scanner such as novirusthanks.org
Use good antivirus and update it regularly .
------------------------------
4)Sniffing
It consists of stealing session in progress. In this type of
attack an attacker makes connection with server and client
and relays message between them, making them believe that
they are talking to each other directly.
DRAWBACK :
If user is logged out then attacker is also logged out and the
session is lost.
It is difficult to sniff on SSL protected networks.
Prevention :
Always use SSL secured connections.
Always keep a look at the url if the http:// is not changed to
https:// it means that sniffing is active on your network.
------------------------------
5)Social Engineering :
This method includes guessing and fooling the clients to give
their own passwords. In this type of attack, a hacker sends a
fake mail which is very convincing and appealing and asks the
user for his password.
Answering the security questions also lies under this category.
Drawback :
It is not easy to convince someone to make him give his
password.
Guessing generally doesn’t always work ( Although if you are
lucky enough it may work!).
Prevention :
Never give your password to anyone
Don’t believe in any sort of emails which asks for your
password
------------------------------
6) Session Hijacking
In a session hijacking attack an attacker steals victims cookies,
cookies stores all the necessary logging Information about
one’s account, using this info an attacker can easily hack
anybody’s account. If you get the cookies of the Victim you
can Hack any account the Victim is Logged into i.e. you can
hack Facebook, Google, Yahoo.
Drawbacks :
You will be logged out when user is logged out.
You will not get the password of the user’s account.
Will not work if the user is using HTTPS connections.
Prevention :
Always work on SSL secured connections.
Always keep a look at the url if the http:// is not changed to
https:// it means that sniffing is active on your network.
------------------------------
I Hope You Enjoy this Post. Pass Your Comment & Share your Experience
The first and very basic way of hacking Facebook accounts is
via Phishing. Phishing is actually creating fake web pages to
steal user’s credentials like email,passwords,phone no,etc.
DRAWBACK :
Users nowadays are aware of these type of attacks and one
can not be easily fooled using this attack. You need some social
engineering to trick someone.
‘
Prevention :
Always check the page URL before logging in. This is the most
trusted and effective way one can use to avoid himself from
phishing.
Other way is to use some good Antivirus software which will
warn you if you visit a harmful phishing page.
Even if somehow you have already entered your credentials in
a phisher, Immediately Change your password.
------------------------------
2) Keylogging :
This is another good way of hacking Facebook accounts. In this
type of attack a hacker simply sends an infected file having
keylogger in it to the victim. If the victim executes that file
on his pc, whatever he types will be mailed/uploaded to
hacker’s server. The advantage of this attack is that the
victim won’t know that hacker is getting every Bit of data he
is typing. Another big advantage is that hacker will get
passwords of all the accounts used on that PC.
DRAWBACK :
Keyloggers are often detected as threats by good antiviruses.
Hacker must find a way to protect it from antivirus.
Prevention :
Execute the file only if you trust the sender.
Use online scanner such as novirusthanks.org
Use good antivirus and update it regularly .
------------------------------
3) Trojans/backdoors :
This is an advanced level topic. It consists of a server and a
client. In this type of attack the attacker sends the infected
server to the victim. After execution the infected server i.e.
Trojan on the victim’s PC opens a backdoor and now the hacker
can do whatever he wants with the victim’s PC .
DRAWBACK :
Trojans are often detected as threats by good antiviruses.
Hacker must find a way to protect it from antivirus.
Prevention :
Execute the file only if you trust the sender.
Use online scanner such as novirusthanks.org
Use good antivirus and update it regularly .
------------------------------
4)Sniffing
It consists of stealing session in progress. In this type of
attack an attacker makes connection with server and client
and relays message between them, making them believe that
they are talking to each other directly.
DRAWBACK :
If user is logged out then attacker is also logged out and the
session is lost.
It is difficult to sniff on SSL protected networks.
Prevention :
Always use SSL secured connections.
Always keep a look at the url if the http:// is not changed to
https:// it means that sniffing is active on your network.
------------------------------
5)Social Engineering :
This method includes guessing and fooling the clients to give
their own passwords. In this type of attack, a hacker sends a
fake mail which is very convincing and appealing and asks the
user for his password.
Answering the security questions also lies under this category.
Drawback :
It is not easy to convince someone to make him give his
password.
Guessing generally doesn’t always work ( Although if you are
lucky enough it may work!).
Prevention :
Never give your password to anyone
Don’t believe in any sort of emails which asks for your
password
------------------------------
6) Session Hijacking
In a session hijacking attack an attacker steals victims cookies,
cookies stores all the necessary logging Information about
one’s account, using this info an attacker can easily hack
anybody’s account. If you get the cookies of the Victim you
can Hack any account the Victim is Logged into i.e. you can
hack Facebook, Google, Yahoo.
Drawbacks :
You will be logged out when user is logged out.
You will not get the password of the user’s account.
Will not work if the user is using HTTPS connections.
Prevention :
Always work on SSL secured connections.
Always keep a look at the url if the http:// is not changed to
https:// it means that sniffing is active on your network.
------------------------------
I Hope You Enjoy this Post. Pass Your Comment & Share your Experience
