Over the past few months I have noticed a large increase in the number of Facebook accounts getting hacked or hijacked by hackers using Facebook phishing. In order to understand this, let’s first take a quick look at why Facebook accounts have become such a target for hackers.
Why are Facebook accounts being hacked?…
Facebook now has over 500 million users and provides such incredible demographic information that advertisers are now flocking to it for targeted advertising. The very same affiliate marketers who previously resorted to spam email and blog comment spam to force their message out to the public have now discovered that by hijacking Facebook accounts, they can deliver their marketing message to the friends and connections of those account holders. These “spammy” messages are more likely to be viewed, read, or even clicked on, because they seemingly come from a trusted source (the original account holder).
Exactly how are these Facebook accounts being hacked and hijacked?…
This is really just a new delivery method for an old phishing scheme. Phishing happens when you enter your login credentials on a fake Facebook login page or download malicious software to your computer. This may result in messages or links being automatically sent to a large number of your friends. These messages or links are often advertisements encouraging your friends to check out videos or products.
The hacker sets up a dummy Facebook profile, sends out hundreds of friend requests, and waits for the requests to be accepted. Once some are accepted, they send out deceptive messages via Facebook chat or by posting to the wall of their new Facebook friends. These messages are written as enticements, such as…
“hey, what exactly are you doing in this video (click here)…. how embarrassing…”
“this website has some sort of error and is giving away free iPads. Get there fast before you miss out (click here)…”
The above examples would include a link that goes to a page that appears to be a Facebook account login screen. The user assumes that they were logged out for some reason (which occasionally does occur) and re-enters their Facebook username and password. What they don’t realize is that the page did not belong to Facebook and they just gave their username and password to a hacker.
Once the hacker has collected the user’s Facebook account credentials, they simply log into the account, change the password and begin sending out advertisements for affiliate programs, as well as more invitations to give up your account info. This process continues to spread because people are simply not aware.
How to avoid getting your Facebook hacked…
It is really quite simple to avoid getting your Facebook account hijacked. Just follow these simple steps:
1. Never, ever, ever give out your Facebook username and password to anyone.
2. Whenever you are at a Facebook login screen, make sure you are actually logging in on an official Facebook page. If you are ever unexpectedly shown a login screen, simply close your browser and open a new one. Then browse back to Facebook.com and log in.
3. Share this post with as many people as you can. The more people who become aware of this, the less effective the hackers will be; after all, knowledge is power.
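Step 2 comes down to reading the host name in the address bar, and the sketch below shows how that check can be done programmatically. It is an added example, not part of the original post; the function name checkLoginUrl, the HTTPS requirement and every sample URL are assumptions made for illustration.

```javascript
// Added example. TRUSTED_DOMAIN is the site named in the post; all sample
// URLs below are constructed and use reserved ".example" hosts.
const TRUSTED_DOMAIN = "facebook.com";

function checkLoginUrl(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch (e) {
    return { trusted: false, reason: "not a valid URL" };
  }
  // Assumption of this example: a real login page is always served over HTTPS.
  if (url.protocol !== "https:") {
    return { trusted: false, reason: "not HTTPS" };
  }
  // In "https://facebook.com@other.example/" the text before "@" is user
  // info, not the host the browser connects to.
  if (url.username !== "" || url.password !== "") {
    return { trusted: false, reason: "user info before @ hides the real host" };
  }
  const host = url.hostname.replace(/\.$/, ""); // parser already lower-cases it
  // Punycode labels mean the name contains non-ASCII look-alike characters.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { trusted: false, reason: "internationalized look-alike host" };
  }
  // Exact match or a true subdomain. A bare endsWith("facebook.com") would
  // also accept a name such as "notfacebook.com".
  if (host === TRUSTED_DOMAIN || host.endsWith("." + TRUSTED_DOMAIN)) {
    return { trusted: true, reason: "host is " + host };
  }
  return { trusted: false, reason: "host is " + host + ", not " + TRUSTED_DOMAIN };
}

const SAMPLES = [
  "https://www.facebook.com/login.php",
  "https://facebook.com.account-check.example/login.php",
  "https://www.facebook.com@account-check.example/login.php",
  "http://www.facebook.com/login.php",
  "https://f\u0430cebook.com/login.php", // U+0430 is Cyrillic, not Latin "a"
];
for (const s of SAMPLES) {
  const r = checkLoginUrl(s);
  console.log((r.trusted ? "OK    " : "REJECT") + " " + s + "  (" + r.reason + ")");
}
```

Only the first sample is accepted; the others show why a link that merely contains "facebook.com" somewhere in its text proves nothing about where the password is sent.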
What to do if your Facebook account has already been hacked or you suspect you may have been “phished”…
1. If your computer has been infected with a virus or with malware, you will need to run anti-virus software to remove these harmful programs and keep your information secure.
2. If you are able to access your Facebook account, change or reset your account password as soon as possible to block any outside access to your account.
3. If you have been locked out of your account, or it has been suspended due to phishing or sending unwanted messages, your best bet is to simply start a new profile. I have heard from many that trying to get Facebook to reactivate an account is a lesson in futility.