With its millions of users, the world’s most popular social network has become a perfect target for hackers exploiting such a dense concentration of potential victims. PandaLabs, the anti-malware laboratory of Panda Security has received numerous reports from users whose Facebook profile has been hacked and whose identity has therefore been placed at risk.
Apart from phishing attacks or spam, which are now easily recognized by many Internet users, hackers are employing new methods, which for the moment at least, are proving to be successful. Here is an analysis of the technique which has been most frequently used over recent months:
Step 1: The bait
The bait normally comes from the profile of a friend whose account has already been hacked. Users typically receive a message (which appears to be genuine) suggesting the recipient clicks a link for one reason or another. In most cases, the message offers a “spectacular video” or claims “you appear in this clip”, and normally includes the user name of the recipient.
Example:
Step 2: Phishing attempt
Having attracted the attention of the user, cyber-crooks now need to get the user name and password of the intended victim to launch the second phase of the attack. The page that the link points to is a perfect replica of the Facebook login page, but is hosted on another Web address:
Step 3: Gaining complete access
Now the user has clicked the link and entered their login credentials, they have to grant the malicious application which is running the attack complete access to their personal information, as well as the rights to post information through their profile. This ensures that the attack can be spread further through friends and contacts of the victim.
After gaining the permission, the attack continues, targeting the victim’s contacts and starting the process all over again with new users, as illustrated in the example below:
What to do if your Facebook profile has been hacked
Step 1: Firstly, remove all permissions that have been given to the malicious application. This is a simple process: from Account > Application settings in the top-right corner of your Facebook profile. This ensures that the application will not continue to have access to your profile once the password is changed.
Step 2: Change the login password! To keep your identity safe, it is advisable to change your password and the user name (it’s a good idea to do this from time to time anyway). This is also easy: Go to Account > and Account Settings in the menu in the top left corner of your Facebook profile. It is also advisable to use strong passwords that cannot easily be guessed.
More information is available in the PandaLabs Blog.