Facebook is the most widely used social networking site in the world, with about 800 million active members in 2011. With so many users, it is a prime target for hijackers, commonly called hackers.
There are many ways to hijack or take over someone's account. Below is a list of 10 methods hackers commonly use to hijack Facebook logins. By knowing the methods hackers commonly use, you can hopefully be more alert and keep your Facebook account safe.
1) Facebook Phishing
Phishing is the most popular way to get someone's Facebook login data. There are several kinds of phishing attack; in the simplest one, the hacker makes a fake Facebook login page with an interface close to the real one. On that fake page, the victim enters their “E-mail Address” and “Password”, which are saved in a .txt file. The hacker then uses this data to get into the victim's Facebook account and change the password to a new one.
2) Keylogging
Keylogging uses a small program installed on the victim's computer. This program records everything the victim types on the computer, including Facebook login data. The log is sent back to the attacker via FTP or via the hacker's e-mail.
3) Stealers
Almost 80% of people save their password in the browser to make it easier to log in to Facebook. This is convenient, but it can be dangerous. A stealer is software designed to take passwords saved in the victim's browser.
4) Session Hijacking
Session hijacking is most effective when you access Facebook over a standard connection (http://…). It works by stealing the victim's browser cookie, which the site uses to authenticate the user. Session hijacking is commonly used on local area networks.
5) Sidejacking with Firesheep
Sidejacking is another name for HTTP session hijacking, specifically against Wi-Fi users. To carry out a sidejacking attack, hackers commonly use the software Firesheep, but Firesheep only works if the attacker and the victim are on the same Wi-Fi network.
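From the defender's side, the session hijacking and sidejacking items above both depend on the session cookie travelling over plain HTTP. The following is an added example, not part of the original article: it audits Set-Cookie response headers for the attributes that keep a session cookie off unencrypted connections. The cookie names, the name-matching heuristic and the sample headers are constructed assumptions.

```python
# Added example: audit Set-Cookie headers of session-like cookies.
SESSION_HINTS = ("sess", "sid", "auth", "token")  # assumed naming heuristic


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, attributes dict)."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()  # attribute names are case-insensitive
    return name.strip(), value.strip(), attrs


def audit_cookie(header_value):
    """Return a list of findings for one Set-Cookie header value."""
    name, _, attrs = parse_set_cookie(header_value)
    if not any(hint in name.lower() for hint in SESSION_HINTS):
        return []  # does not look like a session cookie, so it is skipped
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure: cookie is also sent over http://")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: cookie is readable by page scripts")
    return findings


def audit_response(set_cookie_headers):
    """Map cookie name -> findings for every header with at least one finding."""
    report = {}
    for header in set_cookie_headers:
        issues = audit_cookie(header)
        if issues:
            report[parse_set_cookie(header)[0]] = issues
    return report


SAMPLE_HEADERS = [  # constructed sample input
    "sessionid=abc123; Path=/",
    "auth_token=secure; Path=/; HttpOnly",  # the value "secure" is not the attribute
    "sid=xyz; Path=/; SECURE; httponly; SameSite=Lax",
    "theme=dark; Path=/",
]

if __name__ == "__main__":
    for cookie, issues in audit_response(SAMPLE_HEADERS).items():
        print(cookie, "->", "; ".join(issues))
```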
6) Mobile Phone Hacking
Millions of people log in to Facebook from their mobile phones. If a hacker can access the victim's mobile phone, the hacker can most likely also access the victim's account. This can also be done using phone-monitoring software such as “Mobile Spy” and “Spy Phone Gold”.
7) DNS Spoofing
If the attacker and the victim are on the same computer network, the attacker can use DNS spoofing to redirect the victim from the original Facebook page to a fake one made by the hacker.
8) USB Hacking
This is usually used when the attacker has physical access to the victim's computer. The hacker inserts a USB device that has been programmed to automatically take the passwords saved in the browser.
9) Man In the Middle Attacks
This can happen when the hacker and the victim are within the same switch-based network. The hacker places themselves between the victim and the server, or acts as the gateway, so that they can capture all passing data. This method is also called ARP poisoning.
10) Botnets
Botnets are not commonly used to hack Facebook logins because of the high cost. They are used for more advanced attacks. Basically, a botnet is a cooperation between a number of computers. The infection process is just like keylogging. Popular botnets are “SpyEye” and “Zeus”.