Facebook is the leading social network, with around 955 million users and 543 million mobile users. In 2012 Facebook introduced many new features, which resulted in some undesired outcomes at the user end. User privacy and account security were jeopardized along with the forcible imposition of ‘Timeline’, which replaced the old layout (Wall) and with which the majority of users are not happy. In addition, Facebook has some loopholes in its Login form which can be exploited to hack a user’s account. Here I have presented a pictorial demonstration of how a user account can be hacked with ease.
Step 1: Enter the victim’s username and a random password in the Login form. It will prompt you as expected:
Step 2: Click ‘Forgot your password’. You will be redirected to:
Now click ‘No longer have access to these?’. In some cases it will take you to the page shown in the picture below, and in others it will simply deny the request. If this page is displayed, then the chances of breaking into the victim’s account are increased.
Step 3: In this step, you are required to enter an alternate email address against which no Facebook account exists. Once you enter the email address, either you will have to answer a simple security question (which is more often ‘What is your mother’s birth city’ lol) or you will be given an easy task, i.e. send a code to 3 different friends from the list. Ask them to send you the code back. Enter the code, and the ACCOUNT IS YOURS.
This technique may not work on all accounts. Some accounts will not let you proceed to the further steps.
How can you secure your Facebook Account from such attacks?
1- Set a security question that no one could guess.
2- Activate ‘Mobile security code’ for unknown devices.
3- If you are a Page or Group admin, do not give complete privileges to your co-admins.
4- Make your mobile phone number and email addresses private.
5- Do not use suspicious apps like ‘Your Date of Death’.
Note: The purpose of this article is to make people aware of the security loopholes in Facebook and let them know how they can avoid such risks. I don’t take responsibility if anyone makes use of this technique for a bad purpose.
In response to Beena Sarwar’s http://beenasarwar.wordpress.com/2012/11/29/facebook-support-sucks/