I just came across a guide to hack/retrieve passwords of Facebook accounts. It is not at all complex, involving just the uploading of a phishing script (freely available) that is identical to Facebook’s login page to a web server and lure the targeted user to enter their credentials on the phishing website. These credentials will be saved as plain text and the phisher can use it to login to the victim’s Facebook account.
A chain is only as strong as its weakest link. No matter how strong your password is, if you are not careful enough and fall into the phisher’s trap, you can kiss your privacy goodbye. This is by far the easiest way for an average joe to hack into your Facebook account, and all you need to defend against it is to equip yourself with some basic knowledge.
Remember: Whenever you are required to enter your Facebook password, have a look at your browser’s address bar. Make sure the domain is facebook.com and nothing else. Any other .com, say, facebook-secure.com or login-facebook.com is not the real Facebook.
If unsure, simply go to facebook.com directly and login there.
I have also came across another guide on the same blog about a hack that prevents someone from logging into his own Facebook account. The hack involves a bot that continuously, automatically, login to a targeted Facebook account with the wrong credentials, causing Facebook to freeze that particular account.
The catch is the hack only works if the hacker have the email address the victim use to login to his Facebook account. It’s therefore wiser to share your Facebook profile using your profile URL than giving out the email address you associate with your Facebook account.
Basically just anyone can employ these tricks to hack their desired Facebook accounts, since all the required tools are provided and freely available for download. The comments on the mentioned guides suggest that the intentions of these people wanting to hack are:
- Checking on their partner (most common)
- Checking on their ex’s account
- Spying on their crush