How to Prevent Hackers Hacking your Facebook Account

01/11/2017

If you don’t have a facebook account that’s fine, you are not one of the 1.5 billion users who do, but still read on, you may find this very useful information. There are a whole variety of ways your account can be hijacked or stolen, here are just some of them.

Mobile Phone Hacking

The Facebook App is used by millions of users to access Facebook on their mobile phones.  By gaining access to your mobile phone the hacker can probably get access to your facebook account. There is a lot of software around to allow hackers to monitor a cellphone.

How to combat mobile phone hacking? Confirm your mobile telephone number with Facebook.

This is one of many ways to enhance your account security on facebook and also allows you to receive a new password via SMS if you lose or forget yours.

Code Generator for Android Phones

You can set up an extra layer of security on android phones by having to enter a code every time you log on to facebook using the app.

DNS Spoofing

If you are on the same network, wired or wireless, an attacker can use a DNS Spoofing attack to direct you to his own fake page that looks like the facebook.com login page and gain access to your login details as you type them in.

Weak Passwords

When it comes to passwords size really does matter.  A password of 8 characters can normally be bruteforce cracked in a week or less, sometimes minutes. A password of 12 characters in length with numbers, letters & characters will take on average 2 years to crack using bruteforce. A 15 character password bruteforce cracked can take 150 years. We would highly suggest going for length over complexity.

Remember every user knows about using numbers like 1 in the place of an I and 0 in place of an o so the hackers do too. Don’t use the” remember password” prompt when you are not on your own computer.

Change your password regularly (every 3 months), not just on facebook but things you access regularly.

Phishing

This is the most common way for your facebook account to be compromised.  A basic phishing attack usually starts with the hacker creating a webpage that looks exactly like the login page.  An email is then sent to you directing you to log in to that page.

Once you put in your normal login details (email address and password) they are stored in the hackers content record which the hacker can download and use on your real facebook login.

Stealers

It is estimated around 80% of users store their passwords in their browser for ease of use. Very convenient but easy to steal.  If a user has physical access to your computer they could insert a USB stick that is programmed to automatically extract saved passwords in the browser

Instead of saving your passwords in a browser consider using a password manager which will automatically fill in important forms without you having to type anything in, and therefore keeping your passwords safe.

Session Hijacking

If you are accessing facebook on a none secure connection i.e using http:// rather than https:// and you are on a local area network (LAN) then a hacker can steal your browsers cookie which is used to authenticate you on the website and use that information themselves.

To combat session hijacking using Firefox there is an add-on called Force TLS or if you use Chrome, KB SSL Enforcer.  Both of these redirect you to a secured page of the sites you are visiting.

Another name for this is sidejacking/Firesheep which is the same type of hacking only using wireless public networks.

Video 

There are very few places in the world now where you don’t see a video camera or webcam monitoring the area. It is relatively simple for someone sitting close by to be videoing you as you type in usernames and passwords into sites you visit.  In public spaces be alert, the same as you are when putting in your credit card pins in shops/garages.

BACK