Yes, there are methods (plural). The most common does not involve hacking Facebook, but instead, they focus on you, the user of Facebook. Keep in mind, that attackers will generally not be interested in hacking your Facebook account at all (seriously, hackers don't see any value whatsoever in your Facebook account) unless:
A) You're a well-known celebrity;
B) You control a Facebook page or group with +100,000 fans/members, preferably 1 to 10 million;
C) You have an important role in a large company, where you have access to financial transaction data. In case you do have such a role, don't worry as common sense, will likely never get you hacked by the common tricks they use. In case they do compromise your identity including your Facebook account, you will likely not notice. (APT);
At least once, you would have wished if you could hack a Facebook account for free. Trust me, you’re not alone, all of us have done, including me.
But the end result might have probably been a disappointing one. Right? 90% of the people who wish and then put effort to hack online accounts don't really succeed. And yes, the other 10% does.
If you’re reading this right now, it means that you belong to the 90% of people who fail to hack the password of the accounts they wish to.
So, this is what happens in the world right now.
- People think Hacking Facebook accounts is easy as a piece of cake.
- People think they can download Facebook hacking software for free.
- People even think there are online tools and could generate JavaScripts that can hack online Facebook accounts.
- People think if they can complete some online surveys, they can do it.
- People think they can easily learn hacking tricks.
- Plus, People think it’s not against the law.
The exact opposite to the list above. Hacking is not easy and there are no such JavaScripts or codes that could hack Facebook accounts. Think about it. Do you think the big Giant – Facebook’s security team is not strong enough?
Millions and Billions of money roll through the social media websites like Facebook. And they put everything they have to make their security structure strong.
And, Hacking is really illegal, that this law comes from Cyber Crime. This could leave you finding enough money to make you go bankrupt, and even spend the rest of your lives behind the bars.
And, there are no such software, programs, tools or applications that can hack Facebook accounts just with some clicks. Those are all pure nonsense.
You might have heard of some popular online hacking tools with crazy names and all. Here are the reasons why people build such software.
- One : They drive in a lot of fools like you, thus making money from their websites via Advertisements.
- Two : Some of the applications are even Paid, with which they make a hell lot of money. But you will end up being the clown.
- Three : These tools and applications could contain Trojan Viruses and bots that could steal your private information.
Here are some of the most popular so-called Facebook hacking tools which fools a lot of people, thus making a lot of money.
- 007 Facebook Hack.
- Pro Facebook Password Stealer.
- Ultimate Facebook Hack Tool.
These are some of the top scams on the internet I’ve seen. They make a hell lot of money luring in people who aren’t aware of the truth. If you happen to see any of this software in the way ahead of you, please don’t use them.
But right now, you might be ready to argue with me that there are people who hack Facebook accounts. Well, you got a point. Yes, there are. You, me and everyone can do it just with some efforts. But, please don’t. I’m again reminding you that it’s highly against the law.
So, how do they do it, if not with this crazy software?
The Real Facebook Hacking Methods.
1. Phishing
Phishing is still the most popular attack vector used for hacking Facebook accounts. There are various methods to carry out phishing attack. In simple phishing attacks, a hacker creates a fake login page which exactly looks like the real Facebook page and then asks the victim to log in. Once the victim logs in through the fake page the, the victims "Email Address" and "Password" is stored into a text file, and the hacker then downloads the text file and gets his hands on the victim's credentials.You may like to read : The Hidden Mystery Behind 'The Deep Web' and 'The Dark Web' And How To Access It Safely
2. Keylogging
Keylogging is the easiest way to hack a Facebook password. Keylogging sometimes can be so dangerous that even a person with good knowledge of computers can fall for it. A Keylogger is basically a small program which, once is installed on victim's computer, will record everything victim types on his/her computer. The logs are then sent back to the attacker by either FTP or directly to hackers email address.
3. Stealer's
Almost 80% percent people use stored passwords in their browser to access the Facebook. This is quite convenient, but can sometimes be extremely dangerous. Stealers are software's specially designed to capture the saved passwords stored in the victim's Internet browser.
4. Session Hijacking
Session Hijacking can be often very dangerous if you are accessing Facebook on an HTTP (non-secure) connection. In Session Hijacking attack, a hacker steals the victim's browser cookie which is used to authenticate the user on a website, and use it to access the victim's account. Session hijacking is widely used on LAN, and WiFi connections.
5. Sidejacking With Firesheep
Sidejacking attack went common in late 2010, however it's still popular now a days. Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the attacker and victim are on the same WiFi network. A sidejacking attack is basically another name for HTTP session hijacking, but it's more targeted towards WiFi users.
6. Mobile Phone Hacking
Millions of Facebook users access Facebook through their mobile phones. In case the hacker can gain access to the victims mobile phone then he can probably gain access to his/her Facebook account. There are lots of Mobile Spying software's used to monitor a Cellphone. The most popular Mobile Phone Spying software's are Mobile Spy, and Spy Phone Gold.
7. DNS Spoofing
If both the victim and attacker are on the same network, an attacker can use a DNS spoofing attack and change the original Facebook page to his own fake page and hence can get access to victims Facebook account.
8. USB Hacking
If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the Internet browser.
9. Man In the Middle Attacks
If the victim and attacker are on the same LAN and on a switch based network, a hacker can place himself between the client and the server, or he could act as a default gateway and hence capturing all the traffic in between.
10. Botnets
Botnets are not commonly used for hacking Facebook accounts, because of it's high setup costs. They are used to carry more advanced attacks. A Botnet is basically a collection of the compromised computer. The infection process is same as the keylogging, however, a Botnet gives you additional options for carrying out attacks with the compromised computer. Some of the most popular Botnets include Spyeye and Zeus.
This a list of attack methods, based on the likelihood that will get your Facebook account compromised:
★You forget to log out of Facebook from a public computer, or you forget to lock the computer screen at work or at home, and someone else besides you, go to that computer and write on your Facebook wall that you've been "hacked". This has nothing to do with hacking at all (it is related to "red teaming" though, except during this type of exercise, getting access to Facebook accounts is not the target and never will be), but it is probably the most commonly seen "hack". This poses no threat to you, except embarrassment in some cases.
★ A friend who knows your password, logs into your account and writes on your Facebook wall that you've been "hacked". The password was obtained by asking you for it (beginner level of social engineering, except that this case is not really social engineering if you give up the password when asked for it directly), seeing you type it in (shoulder-surfing), or simply guessing what it is (online brute-forcing). This has very little to do with hacking and poses no threat to you, except embarrassment in some cases. In case this happens, reset/recover your password. This is the most common scenario where Facebook accounts are "compromised", but not really compromised.
1) You receive an email from a non-targeted mass-phishing campaign that prompts you to log into Facebook or reset your password. This attack is likely to occur but can be prevented by not falling for phishing tricks.
2) You use an app on Facebook that compromises your computer. Similar to malvertising. There is close to no protection against this attack, except not using phoney looking apps on Facebook. However, your computer could also be compromised through other websites you browse. In cases of malvertising, the attackers are rarely interested in your Facebook account. They would much rather have access to passport photos (identity theft), bank accounts, processing power (bitcoins), and network resources (other computers to compromise, or to perform DDoS attacks)
3) You live in a country that performs heavy monitoring on its citizens. In this case, the mobile phone you buy has likely pre-installed government malware on it. The Internet connections are likely monitored as well. There's nothing you can do without educating yourself about computers.
4) You "root" your mobile phone. This disables almost all safety/security controls making it easier for your mobile phone to get compromised.
5) An attacker looks at your profile and looks at all the public data that is exposed to anyone on the Internet. Based on this data, the attacker attempts to recover/reset your password, or even guess it. People tend to use very simple passwords. It's unlikely someone will attempt to hack you this way unless you control a very popular Facebook page or group with at least 10,000, 100,000 or 1,000,000 subscribers/fans.
6) An attacker befriends you on Facebook, for heterosexual males this could be a "hot" female, and vice versa. The attacker is able to obtain more information from your friend, in case your privacy settings are more strict for "non-friends". It's unlikely someone will attempt to hack you this way unless you control a very popular Facebook page or group with at least 10,000, 100,000 or 1,000,000 subscribers/fans
There are probably a lot more scenarios, but unfortunately, I don't have the time to come up with all of them. If you're going to relay this information elsewhere, keep in mind that you need to relay the exact wording or it will otherwise not make sense.