Hacking Facebook User with Social Engineering Method

Hacking Facebook User with Social Engineering Method


Type : Tutorial

Level : Medium

Attack Type : Social Engineering

Almost more than 70% people in this world know about facebook, the largest and biggest social network website. Some of facebook users even called themselves as facebook addict where they will feel something missing in their life while they didn't open facebook in a day.

Nowadays if you saw news and information about growth of internet users was very rapid, but some of them didn't know about securing themselves while on internet; or at least knowing while something abnormal happen in a website they visited.

Actually I've already wrote other tutorial related with facebook hacking tutorial:

1. How to Hack Facebook Password Account

2. Hacking Facebook Using Man in the Middle Attack

3. Facebook Hacking using Fake page Phishing Method

Today I will wrote a simple tutorial about Facebook Hacking using Social Engineering method. Actually not a full tutorial, but at least you can get the conclusion how attacker do this type of attack so you also can aware :-).

I got this type of attack while one of my friend in facebook(his FB account was hacked by someone) and he send me a link that bring me to fake FB page.

If I can rate this type of attack maybe I will give it 8 out of 10 because of it's feasibility to harvest username + password directly and fast because its ability to deceive users (especially for users who just know how to use internet and not aware about security).

I'm talk too much LoL ๐Ÿ˜› …okay let's prepare and see the logic how the facebook user attacker do this

Requirement :

1. Facebook fake page (see my other tutorial + facebook offline file http://www.hacking-tutorial.com/hacking-tutorial/hacking-facebook-using-man-in-the-middle-attack/ and http://www.hacking-tutorial.com/hacking-tutorial/5-steps-how-to-hack-facebook-account-password/)

2. Web hosting place

Step by Step :

1. Create the fake page first(you can improve yourself for creating this fake page ๐Ÿ˜€ )

Hacking Facebook User with Social Engineering Method

2. The next step attacker create some eye catching link to impress other users click that fake link. The picture below was only an example…while you put some link on facebook status, facebook will automatically grab your webpage + thumbnails on your webpage.

How do the attacker make their link more interesting while sharing facebook fake link?

-). they can add this :

<meta name="description" content="http://fakeurl.myfakewebsite.com was created for you to change your facebook profile much more responsive and have a better look by adding some background image, etc. Choose your facebook profile skin now for free..." />

that meta description will appear as description.

-). they also put this code :

<div style="position:fixed; top:-1000px; left:-1000px;">
   <img src="images/fb1.jpg" />
   <img src="images/fb2.jpg" />
   <img src="images/fb3.jpg" />

to make image did not appear while user access the fake page(http://fakeurl.myfakewebsite.com), but facebook can crawl the thumbnails from attacker fake page…so attacker can choose the thumbnails to display while sharing the link.

3. While user interesting and decide to visit attacker fake facebook page,

Hacking Facebook User with Social Engineering Method

4. They will feel that they're doing something with their profile,

Hacking Facebook User with Social Engineering Method

5. If the user successfully store their credentials in attacker database, then they will be redirected to facebook page by using simple script like :

<meta http-equiv="refresh" content="4;url=http://facebook.com/">

6. If the credentials not successfull to store on database, then ask the user once again to input their credential,

Hacking Facebook User with Social Engineering Method

Here's the video (sorry for bad quality) ๐Ÿ™‚ :

Video will come soon(i've trouble upload to youtube here ๐Ÿ˜› )

Update: I made some change for this facebook social engineering method, you can view the updated one in this post about Hack Facebook Password Social Engineering.

Subscribe to this blog to get the latest update about how to hack facebook by click the subscribe button below

Subscribe How to hack Facebook

Countermeasures :

1. While you already logged in in your facebook account, and then while you using application/link/etc it ask your credentials, do not believe it.

2. Look carefully to the URL address bar.

3. If you already put your credentials there, change your password as fast as possible.

Share this article if you found it was useful:

Blogger at hacking-tutorial.com.

See all posts by || Visit Website : http://www.vishnuvalentino.com