Communication between people has almost completely moved to the online format. Social media has become a part of modern life. They can unite people living in different parts of the world and speaking different languages.
One of the most popular social networks is Facebook, the number of users of which has long exceeded 2 billion people. About 1.5 billion people visit Facebook every day. Therefore, Facebook is especially attractive to attackers, as evidenced by recurring incidents.
Accessing your account by resetting your password
The easiest way to log into your Facebook account without a password is by resetting your password. To do this, the attacker needs the email used for authorization and additional information about the account owner. Being honest with new casual acquaintances puts your online resources at risk. Attackers can also use automated intelligence applications to obtain information about you.
With this method, before hacking Facebook, the attacker gains access to your e-mail specified in your profile. Then on the Facebook login page will appear the Forgot account link.
Retrieving credentials using keylogger
With this method, you do not need to hack anything – the keylogger will provide the attacker with all the data for logging into the Facebook account.
There are software and hardware keyloggers. Keylogger is an application that reads keystrokes. Such an application is launched on the victim’s computer; the collected information is most often sent to the attacker via the Internet.
Hardware keyloggers are a USB device, external media, or keyboard adapter that plugs into an unsuspecting user’s computer. An example of a hardware keylogger is shown in the photo. All collected information is recorded on this device or sent to an attacker.
Thus, to launch a software keylogger, it is enough to get into the user’s trust and force him to launch the application. When using a hardware keylogger, direct contact with the user or his computer is required. You can give the victim a hardware keylogger under a plausible pretext, or you can gain access to the computer and insert it into the computer yourself.
Getting user credentials by phishing
Phishing is a type of Internet scam. Phishers use spam, malicious sites, email messages, and SMS to steal confidential user information: logins and passwords, bank card details, etc.
The most popular type of phishing is creating a fake login page. In this case, the user is sent a link to this page with text encouraging to use this link. For example, a message about the blocking of an account or a request to vote for a friend, etc. Scammers are very good psychologists. When clicking on the link, the user sees the page that is no different from the original and enters his username and password into the form. In this case, user data is in the hands of attackers.
Analyzing traffic through a fake Wi-Fi network
By using public Wi-Fi networks, you run the risk of connecting to a fake Wi-Fi network designed to steal accounts. The name of such a network can be the same or similar to the name of a trusted network that you often use. After all, intruders are watching you. After connecting to the fake network, the attacker analyzes the traffic and obtains all the information he needs to log into your Facebook account.