How Do Hackers Take Over a Facebook Account? And tips to secure your account
Your Facebook account is a useful commodity for online criminals. Not only can they potentially access your personal information -- your full name, location, details about your life -- but your Facebook friends' as well. Your account can also be used to spread spam and malware to other users, compromising their security. To gain access they may use malicious software, rogue applications and social engineering. Protect your account by following sensible guidelines.
LOGIN INFORMATION
If someone obtains your login information, he can access your account anytime he wants. Choose strong passwords -- at least eight characters, containing letters and numbers. Single words, even long words, are too easy to guess. Don't leave your Facebook account logged in on a shared computer or public terminal. Anyone could commandeer your account. Don't leave your Facebook password lying around or give it to anyone else.
If the email account you use with Facebook gets hacked, you may lose control of your Facebook account too. Your email login information is valuable and you should look after it. Follow the same guidelines as for your Facebook password: pick a strong password, don't leave your email account logged in where someone else could access it and don't give away your password.
MALWARE
Malware -- malicious software -- is another tool that a hacker can use to take over your Facebook account. Keyloggers are programs that record everything you type into your computer. The person controlling the keylogger then has access to your login information. Other forms of spyware can steal information from your computer that may give someone else access to your Facebook account.
ROGUE APPLICATIONS AND INFECTED LINKS
You can use applications, also known as apps, to give your Facebook new features, play games or answer quizzes. Unfortunately, not all apps are what they pretend to be. Rogue apps ask for posting access to your Facebook account. If you give them access, they can post spam to your account or your friends' walls and send messages via Facebook's private message system or instant messenger. Some rogue apps and links can even infect your computer with malware; an example is the Koobface worm that places malware on your system and hijacks your account to post spam. Be very careful what links you click on Facebook and don't give too much access to any application.
SOCIAL ENGINEERING
Instead of high-tech attacks, social engineering relies on confidence tricks to steal your data. In the case of Facebook, this is generally done by "phishing." You receive an email that looks as if it came from Facebook. It seems real but this email comes from a scammer. It will often have an urgent tone, for example telling you that your account will be shut down if you don't respond with your password or log in via a link in the email. If you do either of these, your login information will be stolen. Avoid phishing mails by setting your spam filter to block junk mail. Always log into Facebook via your bookmarks or by typing Facebook.com into your browser -- that way you know you are on the real Facebook site, not a counterfeit operated by phishers.
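The reason for typing Facebook.com yourself is that the host name in an emailed link can look right without being Facebook's. As an added example (not part of the original article), this Python check inspects the host of a link before it is trusted; the function name, reason strings and sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "facebook.com"  # the address the article says to type in directly


def check_login_link(url):
    """Return (is_trusted, reason) for a link that claims to lead to Facebook."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not an https link"
    if not host:
        return False, "no host name"
    # Anything before '@' is login data, not the site being visited.
    if parts.username is not None or parts.password is not None:
        return False, "text before '@' is not the host"
    # Non-ASCII or punycode labels can imitate Latin letters.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "internationalised look-alike host"
    # Only the exact domain or a true subdomain of it counts.
    if host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN):
        return True, "host is facebook.com or a subdomain"
    return False, "host is not under facebook.com"


# Constructed sample links; the .example hosts are reserved placeholders.
SAMPLES = [
    "https://www.facebook.com/login",
    "http://www.facebook.com/login",
    "https://facebook.com@login.example/recover",
    "https://facebook.com.account-check.example/login",
    "https://notfacebook.com/login",
    "https://xn--fcebook-placeholder.example/login",
]


def classify_samples():
    """Map each constructed sample link to its (is_trusted, reason) verdict."""
    return {url: check_login_link(url) for url in SAMPLES}


if __name__ == "__main__":
    for url, (ok, reason) in classify_samples().items():
        print("TRUST " if ok else "REJECT", url, "->", reason)
```

Only the first sample passes; each of the others contains the string "facebook.com" somewhere in the link but resolves to a different host or uses an unencrypted connection.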
Tips to Keep Your Facebook Account and Business Page Secure 🔐
Protecting people's information is the most important responsibility we have at Facebook. Our teams work around the clock to detect and prevent fraud, safeguard data and ensure our systems are secure. While we invest in finding, fixing and preventing security issues, there are things you can do to protect your account and your Page. We put together a list of security tips to help you recognize suspicious requests and activity, and keep your account and your Facebook Page safe. And since your business Page is connected to your personal Facebook account, it's important to keep both secure.
1. Secure your Facebook account with a strong password and two-factor authentication
Pick a strong and unique password. Avoid including your name, phone number, email address or common words. Don't reuse your Facebook password on other services online, and never share your password with others.
To further secure your account, we recommend enabling two-factor authentication, both for yourself and as a requirement for other members of your business. Once you've set up this extra layer of protection, we'll ask you to enter a code or confirm your login attempt each time someone tries accessing your Facebook account from a computer or mobile device we don't recognize. We also encourage you to sign up to get alerts when someone attempts to log in from a device we don't recognize.
Visit the Help Center to learn more about how to set up and manage two-factor authentication and receive alerts about unrecognized logins.
2. Review Page roles and permissions
Be sure to familiarize yourself with the different Page roles that exist and the permissions they have. We recommend regularly reviewing who has admin access to your Page in settings, and when you add your Page to a Business Manager, please take a moment to understand the permissions you allow. We also recommend having more than one admin for your Page, so that in case you ever lose access to your Page, someone you trust can help keep the Page up and running, and get you back in.
3. Don't accept friend requests from people you don't know
Scammers may create fake accounts in an attempt to friend and manipulate people. Accepting requests from scammers could lead to spam being posted on your timeline and shared with your friends. Scammers may also tag you in posts and send malicious messages to you and your contacts, so we encourage you to be careful to only accept friend requests from people you know and trust. Similarly, don't grant Business Manager permission to Pages you don't know. You can report suspicious Business Manager permission requests here.
4. Watch out for suspicious links and malicious software
Keep an eye out for links you don't recognize, especially if they're coming from people you don't know or trust. Be careful not to click on suspicious links, open suspicious files or install malicious apps or browser extensions—even if they appear to come from a friend or a company you know. This includes links on Facebook, in private messages and in emails. Keep in mind that Facebook will never ask you for your password in an email. You can always confirm whether an email claiming to be from Facebook is authentic by reviewing recent emails we've sent in the Security and Login Settings here. If you see a post or message that tries to trick you into sharing personal information, please report it.
To avoid infecting your device or computer network, learn the signs of malicious software and ways you can protect your devices from it. And remember to keep your devices, web browsers and applications up to date and remove any suspicious applications or browser add-ons.
5. Set up trusted contacts
To help you regain access to your account, and then your Page, in case you are ever locked out, you can enable your friends to be your trusted contacts. They'll be able to send you a recovery code with a URL to help you get back into your account.
Lastly, if you think your personal account has been compromised in any way, please visit facebook.com/hacked to get help, and visit our Help Center for help with your Page security. You can also explore Privacy Basics for more ways to increase your account security and to learn about the protections we have in place.