Late last month Facebook announced its worst-ever security breach that allowed an unknown group of hackers to steal secret access tokens for millions of accounts by taking advantage of a flaw in the ‘View As’ feature.
At the time of the initial disclosure, Facebook estimated that the number of users affected by the breach could have been around 50 million, though a new update published today by the social media giant downgraded this number to 30 million.
Out of those 30 million accounts, hackers successfully accessed personal information from 29 million Facebook users, though the company assured that the miscreants apparently didn’t manage to access any third-party app data.
Here’s How Facebook Classified the Stolen Data:
Facebook vice president of product management Guy Rosen published a new blog post to share further details on the massive security breach, informing that the hackers stole data from those affected accounts, as follows:
For about 15 million Facebook users, attackers accessed two sets of information: usernames and contact information including phone numbers, email addresses and other contact information depending on what users had on their profiles.
For about 14 million Facebook users, attackers accessed an even wider part of their personal data, including the same two sets of information mentioned above, along with other details users had on their profiles, like gender, language, relationship status, religion, hometown, current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or pages they follow, and the 15 most recent searches.
A remaining 1 million Facebook users did not have any personal data accessed by the attackers.
Besides this, Rosen also added that the attackers had no access to data from “Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts.”
Moreover, hackers also were not able to access any private message content, with one notable exception: if a user is a Facebook page administrator who had received messages from or exchanged messages with someone on Facebook, the content of those messages was exposed to the attackers.
Here’s How to Check If You Are One of 30 Million Affected Users
Facebook said users can check whether they were affected by the breach by visiting the social network’s Help Center.
Facebook also added that the company will directly inform those 30 million users affected to explain what information the attackers might have accessed, along with steps they can take to help protect themselves from any suspicious emails, text messages, or calls.
So far the identity of the hackers remains unclear, but Rosen said Facebook is working with the FBI, the US Federal Trade Commission, Irish Data Protection Commission, and other authorities to investigate who might be behind the breach or if they were targeting anyone in particular.
Facebook is one of the most popular social networking websites on the internet. Facebook has more than a billion users, so Facebook is a favorite target of hackers.
Despite the security concerns that have plagued Facebook for years, lots of people are still sticking around and millions join every day. The scary part is that some Facebook accounts are hacked, but the good thing is that it doesn’t happen to everyone. In this article I have outlined the ways in which attackers hack Facebook accounts, along with preventive measures to help you safeguard against them.
1. Hack Facebook account using key logging
Key logging is presumably the easiest way to hack a Facebook account password. A key logger is a program that records the keystrokes on a computer. It does this by monitoring a user’s input and keeping a log of all keys that are entered. The log may be saved to a file or, at times, sent to another machine over a network or the internet. Key logging is such a cunning method that even people with extensive computer knowledge have fallen victim to it.
This is how you can avoid key loggers:
Scan your USB drives for viruses
Always download software from trusted sites
Always maintain a good antivirus and internet security to avoid key loggers.
2. Hack Facebook account using phishing
Phishing is one of the most popular ways of hacking a Facebook account. In phishing, the hacker creates a fake login page, or a clone of the Facebook login page, that looks like the real Facebook page. In the next step, the hacker asks the victim to log in through the fake phishing page, and the victim’s username and password are stored on the hacker’s computer.
How to Protect Yourself from Facebook Phishing?
Never log in to your Facebook account on another computer.
Always avoid emails that ask you to log in to your Facebook account in a new tab.
Never open spammy links sent by a friend in the message box or by SMS.
Always use the Chrome browser; Chrome identifies phishing pages.
Use an antivirus on your computer.
Make sure you are on facebook.com and double-check the web address.
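The "double-check the web address" advice above, written out as a check. This is an added example, not part of the original article; the function name and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "facebook.com"  # the domain the article tells readers to look for

# Constructed sample addresses (not real sites).
SAMPLE_URLS = [
    "https://www.facebook.com/login",                # genuine host
    "http://www.facebook.com/login",                 # right host, but not encrypted
    "https://www.facebook.com.account-check.example/login",  # real name used as a prefix
    "https://facebook.com@login.example.net/",       # real name in the user-info part
    "https://f\u0430cebook.com/login",               # Cyrillic 'a' look-alike letter
]

def is_facebook_login_url(url: str) -> bool:
    """True only for https URLs whose host is facebook.com or one of its subdomains."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # drops any "user@" prefix and the port
    except ValueError:
        return False
    if parts.scheme != "https" or not host:
        return False
    host = host.rstrip(".").lower()
    # Reject look-alike letters, whether written raw or as punycode ("xn--").
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False
    # Compare from the right: the registered domain is at the END of the host.
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)

def classify(urls=SAMPLE_URLS):
    """Map each URL to True (looks like the real site) or False (do not log in)."""
    return {u: is_facebook_login_url(u) for u in urls}

if __name__ == "__main__":
    for url, ok in classify().items():
        print("OK  " if ok else "STOP", url)
```

The point of the check is that a browser reads the host name from right to left, so "facebook.com" appearing anywhere other than the end of the host proves nothing.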
3. Hack Facebook account password by session hijacking
Session hijacking is where the hacker steals the victim’s browser cookie, which is used to authenticate the user on a website. After getting the cookie, the hacker can access the victim’s account. Session hijacking is most common when accessing Facebook on an HTTP (non-secure) connection, and it is widely used on LAN and Wi-Fi connections.
4. Saved passwords from browsers
Most of us are fond of granting permission to our browsers to save our usernames and passwords on our devices, be it a computer or a smartphone.
Anyone can hack your Facebook account from your browser’s password manager. Because of that, never save your password on your device, for you may never know when the info will be hijacked.
How to guard against hijacking?
Never save login credentials on your browser
Always use a strong password on your computer
5. Sidejacking with firesheep
Firesheep is mostly used to carry out sidejacking attacks. However, Firesheep only works when the attacker and victim are on the same Wi-Fi network. A sidejacking attack can be looked at as a form of HTTP session hijacking, though it is more directed towards Wi-Fi users.
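Session hijacking and sidejacking both depend on the login cookie travelling over an unencrypted connection, so the site-side defence is to issue that cookie only over HTTPS with the Secure and HttpOnly attributes. The audit below is an added example, not part of the original article; the host social.example, the cookie name sid and the sample responses are constructed.

```python
# Constructed sample responses: (URL that answered, value of its Set-Cookie header).
SAMPLE_RESPONSES = [
    ("http://social.example/login", "sid=3f9a1c; Path=/"),
    ("https://social.example/login", "sid=3f9a1c; Path=/; HttpOnly"),
    ("https://social.example/login", "sid=3f9a1c; Path=/; Secure; HttpOnly"),
]

def parse_set_cookie(value):
    """Split a Set-Cookie value into (cookie name, {lower-cased attribute: value})."""
    first, *rest = [part.strip() for part in value.split(";")]
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs

def audit_session_cookie(url, set_cookie):
    """List the weaknesses that let someone on the same network reuse the session."""
    _, attrs = parse_set_cookie(set_cookie)
    findings = []
    if not url.lower().startswith("https://"):
        # The cookie crossed the LAN or Wi-Fi in clear text when it was issued.
        findings.append("set over plain HTTP")
    if "secure" not in attrs:
        # Without Secure the browser attaches the cookie to later http:// requests too.
        findings.append("missing Secure")
    if "httponly" not in attrs:
        # Without HttpOnly, script running in the page can read the cookie.
        findings.append("missing HttpOnly")
    return findings

def audit_all(responses=SAMPLE_RESPONSES):
    """Audit every sample response, in order."""
    return [audit_session_cookie(url, cookie) for url, cookie in responses]

if __name__ == "__main__":
    for (url, cookie), findings in zip(SAMPLE_RESPONSES, audit_all()):
        print(url, "|", cookie, "->", findings or "ok")
```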
6. Mobile Phone Hacking
Generally, we reset our Facebook password from our mobile phone. What if someone installs monitoring apps on our phone? With monitoring apps, a hacker can access and read all your SMS messages and can easily reset your Facebook password in just seconds.
How to Protect Yourself from Facebook Mobile Phone Hacking?
Always install a good antivirus on your mobile phone.
Never install unknown apps on your phone.
Always check your phone for suspicious apps.
7. DNS spoofing
With DNS spoofing, the hacker, if on the same network as the victim, can change the original page and replace it with his own fake page and easily gain access to the victim’s Facebook account.
How to safeguard against spoofing?
Always configure your DNS server to be secure against cache poisoning
Manage your DNS servers securely
Separate the authoritative function from resolving function using different servers
8. USB hacking
A hacker can get physical access to your computer and insert a USB programmed to automatically extract or retrieve saved passwords in the internet browser or any other information the hacker may need.
9. Man in the middle attacks
With this method, it’s very tricky when the hacker and victim are on the same LAN and on a switch based network. The hacker places himself between the client and the server, or he could act as a default gateway and capture all the traffic in between.
How to safeguard against this?
Use VPN services
Use a proxy server to access the internet
Use good antivirus with good firewall options
10. Botnets
Basically, botnets are networks made of remote-controlled computers, or bots. These bots have been infected with malware that allows them to be remotely controlled. It’s expensive to set up botnets, so they are rarely used for hacking Facebook accounts. Some very popular botnets include SpyEye and Zeus.
How to safeguard against botnets?
Keep all your software up to date
Use strong passwords and keep them secret
Ensure that your firewall is always on
Use flash drives cautiously
11. Social engineering
Social engineering is a simple method that’s based on collecting as much info from the victims as possible. The information may include date of birth, phone number, etc. Once a hacker gains access to this info, and if the same info happens to be used as a password, the hacker can get into the Facebook account effortlessly.
How to avoid this?
Never share personal info via email or phone
Avoid links from unknown or suspicious sites
Block USB devices to minimize risk of baiting
12. Email ID hacking
With this method, the hacker only needs to access the connected email id of any account and then reset the Facebook password manually.
How to avoid this?
Enable 2-step authentication in your Gmail account
Use strong passwords
Avoid entering your email on unscrupulous sites
13. Hacking Wi-Fi network
If you have a Wi-Fi router, it’s better to set it up with a strong password. If you use a weak password to set up the router security, a hacker can hack your Wi-Fi network and hijack all your internet traffic, which can eventually expose your Facebook account.
How to avoid this?
Avoid free Wi-Fi or public Wi-Fi
Always use VPN to access Wi-Fi
Always change your Wi-Fi password
Unfortunately, people love logging in but don’t like logging out. That’s why very many Facebook users never log out of their Facebook accounts on their computer. With your Facebook account logged in, anyone can access your Facebook. Therefore, always endeavor to log out every time you are done using your account.
With all that information, I assume you will know how to protect your accounts better and safeguard from the malicious hackers. If you have anything to add, please inform us in the comments section.
It might seem that Facebook works in mysterious ways when it comes to suggested friends. But there is a set algorithm that Facebook follows to gather the suggestions.
It happens ever so often that you save the contact of a new person on your phone and, the next thing you know, that person pops up on your Facebook suggested friends list. Though it might seem like sorcery for a moment, trust me, it is not. Facebook has a number of methods for doing it.
Besides this, don’t be surprised if Facebook suggests some long-lost friend you hardly even remember. Facebook’s official Help Center page says that ‘People You May Know’ suggestions are drawn from things like having friends in common, or mutual friends, which is the most common reason for suggestions; being in the same Facebook group or being tagged in the same photo; using the same networks as you do, for example your school, university or work; and, last but not least, the contacts you’ve uploaded from your phone.
Now the last one might seem a bit mysterious because you are not prompted every time you add a new contact on your phone on whether you want to find the person on Facebook. But as Facebook explains, this happens because the permission was already granted when you installed the Facebook App on your smartphone. On logging into the Facebook app for the first time, it prompts you to sync your contacts. And that is all it needs to keep checking your contacts for suggesting people.
Some might find this intrusive, and others plain irritating. But one must admit that this poses a serious threat to the personal data on the phone. Facebook might argue its case by saying that it is a choice and people can turn it off, but one must consider that not everyone is aware that this is happening.
As for the Facebook feature where it tracks people using the same network, it is an attempt by Facebook to play the perfect wingman and assistant. Facebook explains this feature by saying that this is an attempt to connect you with people you see often at bars, office, and cafés without the need for you to go search for them.
HOW FACEBOOK FINDS PEOPLE ON THE SAME NETWORK
Facebook finds other people on the same network by sending out a data packet containing your information, each time you enter a network. Your phone receives other such data packets as well, and these are used to recognize other people on the same network.
These features show not only that Facebook is very innovative when it comes to data mining and identifying people, but that it is scary as well.