August 2020 and people still find ways to hack facebook accounts, it is not a bug in the Facebook system but it is based on the weak point of the system: the human
We discovered a mass hacking technic and lot of people still fall in the trap, the technic is so simple, we describe it here so you don't fall in the trap and not to use this technic:
1) The hackers create a facebook login like page on some free hosting, in our case the hacker used pages on websites with vulnerabilities, on of them was using an old version of joomla CMS, the other one was on a free hosting service, we contacted the company and they shut down the account
2) The hackers made a facebook ad for a giveaway or so, in our example the hacker ad was a giveaway for 30 Iphone and another one was a giveaway for 50 LG TVs
3) The hackers link the ad with the fake facebook login page so when people click on the ad they are redirected to the fake facebook login page
that's it, the user put his creditentials and the hackers got them and can now access his account and do whatever they wants
This technic is called phishing
There is some simple signs to warn you that the link is suspect:
- Check the page displaying the ad
- Don't follow a suspect link
- if you are already connected on facebook on you click on a link and the page asks you to login again don't do it, since you are already logged in you shouldn't be asked to login again
- Check the URL, if it is not facebook.com don't login, some hackers may try different spelling like facebook.somesite.com or face-book-login.com, the important part is the one just before the domain level, in our example facebook.somesite.com the facebook is only a subdomaine that any one can create on his domaine, somesite.com is the main domaine
Hope this post will be useful for you, take care
Comments
Post a Comment