There are many ways a Facebook account hacker can infiltrate your account or spy on your data in transit – the Facebook hack password attack mentioned above is just one of many. A very common form of hack is known as sidejacking (aka. cookie or session jacking) – where an intruder uses free web sniffer software like Faceniff, Firesheep or Droidsheep to steal Facebook (or email) login cookies, and then steps unnoticed into the victim's account. Sidejacking can be done over a wireless network (even encrypted with WPA2 if the hacker knows the WiFi password), or at any location between you and the Facebook server. Wireshark, another web sniffer, will capture and store all unprotected data passing through a network – which means everything you type or receive while using a default-configured Facebook account. The only way to stay safe from these attacks is through encryption. You should Therefore…
Secure Browsing function. In your Facebook account settings, under the security tab, there is an option to activate a permanent HTTPS. This will prevent cookie sidejacking or surveillance by web sniffer software. You should also implement this same protection on whichever web email account is linked to your Facebook profile. Most modern web email providers offer an HTTPS-only option, but Gmail is the only one to do so by default.
Consider investing in a VPN service. An OpenVPN subscription will encrypt all your internet activity and anonymize your connection to Facebook. As well as ensuring web sniffers have no chance to intercept your cookies or data, the fact that your IP is never attached to any of your Facebook communication means a hacker cannot easily target your machine for attack and a thief or cyber stalker cannot discover your real location (unless you publish it all over your profile, of course – see below). Just make sure you choose a VPN provider you can trust, and one that offers a fixed IP address (known as a dedicated IP). This fixed IP address is important for Facebook sign in as the site is suspicious when your geolocation IP changes. By switching IP often – as one does under standard Facebook proxy login situations – you will find yourself forced through laborious security checks. Have a look at idcloak.com's VPN – I'm quite sure you won't find one better for your purposes.
Privacy advocates would warn against giving Facebook your mobile number as it empowers the site's ad-motivated tracking of your internet activity. But arming your Facebook profile with your mobile number is in fact a very effective and altogether free internet security lifeline for when your profile on Facebook has been hacked. To recover a hacked Facebook account, all you need to do is request a security code from the site, which they will send to your mobile. With that, the hacker is shut out and you are back in control of your profile. The process of validating your identity by other means is much more laborious.
You have an option to prevent hacking as well: Login approvals. This Facebook feature is a more time-consuming but very effective protection measure – found in
Security in your account settings page. If your mobile number is attached to your Facebook profile and login approvals is activated, each time a user tries to log on to Facebook from an unrecognised computer, they will be forced to use a security code sent by SMS to the registered telephone.
An additional word of advice: of course, you should not publish your mobile number on public pages of Facebook, it is better if you only ever send personal identifying data over private messages through an encrypted connection. This is especially important if your number belongs to a smartphone, since these devices are prone to a number of different forms of hacks themselves and if your phone number falls into the wrong hands, it can help such an attack be targeted at you.
Facebook offers a slightly less time-consuming alternative to login approvals: login notifications. These also help protect you against third-party Facebook sign in, but through a simple alert. When activated, although Facebook grants access to any user who enters a password in from an unrecognized device, they will additionally contact the account holder to say that this has happened. If you receive such an alert and believe there has been unauthorized entry to your account, you may take immediate steps to rectify the situation by contacting the Facebook Help Centre.
Again, this option is available in the security settings menu in your account settings. You may choose whether the alerts are delivered by email or SMS – the former option is for those unwilling to attach their mobile phone number because of alleged Facebook privacy problems.
Because of the way Facebook's cookies work, you can easily leave your account open for third-party access when you neglect to sign out. As mentioned earlier, Facebook sidejacking is an alternative to conventional hack password Facebook attacks, but just as dangerous. Luckily, Facebook records which login cookies are still active and displays a list of the respective sessions in the security menu of your account settings. Each week it is advisable that you go to this page and click
End session on all devices listed there. Don't worry too much if you see what appears to be other devices listed from your area – they will likely be from your computer also, just under a different IP address. This is because your ISP does not grant a fixed IP address for your internet, but changes it regularly (known as dynamic IP addressing).
Copyright © 2013 idcloak Technologies Inc. - All Rights Reserved