Sunday, June 23, 2013

3 Ways Facebook Hackers Target Your Account

Facebook accounts are an often overlooked gateway into an individual’s personal life. We, as social networking users, have few reservations about posting our photos, location, plans to travel, private outbursts, and information regarding friends, family and work. We include names, phone numbers, email addresses, GPS coordinates and the list goes on and on. But you ask, “What’s to worry? After all, I am only posting this information for friends and family to see, right?” The simple answer is no. Facebook hackers want your information.

The truth is that many of your friends’ and family’s accounts are being hacked every day.  By successfully compromising your Facebook account an attacker has unlimited access to a wealth of information about you, your friends and your family.  In addition, if a hacker gets your Facebook password, I think it’s reasonable to assume that he could then take over your email accounts, bank accounts, and other private information as well.  The following 3 Methods of Facebook Hacking are something that everyone should make themselves aware of.  When you have learned the attacker’s methods you can begin to protect the information that you so freely give out on the internet.

1. Social Engineering:
Generally the first thing a hacker will do is to find a way directly to your inner circle. One way an attacker might start is by “friending” some of your closest friends, family and coworkers on Facebook. Once enough mutual “friends” are built up, they will eventually work their way up to sending you a friend request. It may appear to come from a name that you know, or perhaps some curious account with a hot profile picture to grab your attention. Either way, you look at all of your mutual friends and you click “Confirm” on the friend request, allowing the attacker access to a gold mine of information. Once the attacker is on your “friends” list he can see all of your photos, the friends and family that you talk to the most, your daily activities and more. In addition, he may be able to access your email address, phone number, the schools you went to, and where you currently work.

Armed with this information the hacker can now move on to the next level of attack, attempting to access your login details and other private information. The lesson to be learned here is “Don’t accept friend requests unless you’re darned sure you actually know the person on the other end”. Either confirm the friend request by phone, by sending a private Facebook message asking for some specific details, or by only adding friends where you have initiated the friend request.

2. Brute Force:
Once the hacker has gained access to the names of your cats and dogs, children’s names, birthdays, etc., he will begin the process to brute force your Facebook password. This means he will make repeated attempts to log in to your account using a list of words and variations taken from the information you post to your account. If the information gleaned from your profile, posts and photos does not yield a hit, he will move on using automated applications and dictionary files to attempt to crack the password. There are a bunch of tools that claim to do this automatically; one only has to perform a quick Google search to find a page full of options.


A potential user of brute force applications can find unlimited tutorials on sites like YouTube. With the availability of tools like this, I suspect anyone with a keyboard has the potential to get your password if you aren’t careful. However, if you use long passwords, consisting of numbers, upper and lower case letters plus a special character (e.g., %, $, !, @), I think you should be a bit safer from these brute force types of attacks.
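
A self-check for the password advice above, as an added example (not from the original article): it flags a candidate password that is short, lacks one of the character types listed, or contains a detail visible on your profile, even after common character swaps. The sample profile facts, the swap table and the 14-character minimum are assumptions made for the example.

```python
import re

# Assumed swap table: characters people commonly substitute for letters.
SWAPS = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                       "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})

# The four character types the article recommends mixing.
CLASSES = {
    "lower case letter": r"[a-z]",
    "upper case letter": r"[A-Z]",
    "number": r"[0-9]",
    "special character": r"[^A-Za-z0-9]",
}


def profile_tokens(facts):
    """Break public profile facts into lowercase words and digit runs (3+ chars)."""
    tokens = set()
    for fact in facts:
        tokens.update(t for t in re.findall(r"[a-z]+|[0-9]+", fact.lower())
                      if len(t) >= 3)
    return tokens


def review_password(password, facts, min_length=14):
    """Return a list of problems; an empty list means none were found."""
    problems = []
    if len(password) < min_length:  # min_length is an assumed threshold
        problems.append(f"shorter than {min_length} characters")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, password):
            problems.append(f"no {name}")
    lowered = password.lower()
    unswapped = lowered.translate(SWAPS)  # "wh1sk3rs" becomes "whiskers"
    for token in sorted(profile_tokens(facts)):
        if token in lowered or token in unswapped:
            problems.append(f"contains profile detail '{token}'")
    return problems


# Constructed sample data, not taken from any real account.
SAMPLE_FACTS = ["Whiskers", "Born 23 June 1987", "Springfield High School"]

if __name__ == "__main__":
    for candidate in ["Wh1sk3rs1987!", "plum-Tractor7-veranda-!ox"]:
        print(candidate, "->", review_password(candidate, SAMPLE_FACTS) or "ok")
```

The first sample mixes all four character types and is still flagged, because the pet name and birth year are the first things an attacker reading the profile would try.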

 

3. Phishing:
According to Wikipedia, “Phishing is attempting to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public.” In layman’s terms, this means phishing is the act of a hacker creating a clone of a well-known website login page, such as Facebook or your bank, with the hopes of tricking you into inputting your username and password on the page. Once you type your information into the login form and click the submit button, your name and password are added to a database or sent to a fake email address controlled by the hacker.

Facebook Phishing

A hacker can use any of several methods to grab your Facebook information through phishing techniques.  The easiest way is to create a fake Facebook login page, put it on a free hosting service and then send you an email or Facebook post with a link to the page.  The problem with this method is the fact that the domain name in the link and your browser address bar should be a dead giveaway as shown in the image above.
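
The address check described above, as an added example (not from the original article): it pulls the real host out of a link and accepts it only if that host is facebook.com or a subdomain of it. The sample links use constructed .example hosts, and rejecting non-https links is an assumption added here.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "facebook.com"


def check_login_link(url, trusted=TRUSTED_DOMAIN):
    """Return (ok, host, reason) for a link that claims to lead to a login page."""
    try:
        parts = urlsplit(url.strip())
        # .hostname drops any "user@" prefix and the port, and lowercases.
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return (False, "", "malformed URL")
    if not host:
        return (False, "", "no host in URL")
    # The leading dot matters: the trusted name must be a whole-label suffix.
    if host != trusted and not host.endswith("." + trusted):
        return (False, host, f"host is not {trusted} or a subdomain of it")
    if parts.scheme != "https":  # assumption added for this example
        return (False, host, "not an https link")
    return (True, host, "host matches")


# Constructed sample links; the .example hosts are placeholders.
SAMPLE_LINKS = [
    "https://www.facebook.com/login.php",
    "https://facebook.com.account-check.example/login.php",  # name used as a prefix
    "https://www.facebook.com@login.example/",               # name placed before "@"
    "https://faceb00k.example/login.php",                    # look-alike spelling
    "http://www.facebook.com/login.php",                     # right host, no https
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        ok, host, reason = check_login_link(link)
        print("OK    " if ok else "REJECT", host, "-", reason)
```

A matching host is not proof on its own: in the DNS manipulation case the article describes further down, the real domain name appears in the address bar.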

Another, more popular method is to use a technique called “tab nabbing”. Tab nabbing is an exploit where an attacker sends you a link to a regular-looking web page such as a game or a video. When you switch to another tab in your browser, the original page does a quick refresh to a fake Facebook, bank or email login page. The tab-nabbing exploit takes advantage of user trust and inattention to detail in regard to tabs. Many internet users don’t bother to look at the URL of a tab they’ve already been on. Here is a video example showing how a simple tab-nabbing attack works.

When attempting to compromise the account of a more experienced internet user, hackers may utilize a combination of tools for a more sophisticated attack. Some of these tools include ettercap and the Social Engineer Toolkit’s Credential Harvester.  With this type of attack the hacker can manipulate your DNS configuration, the service that translates domain names to IP addresses.  Once your DNS has been changed all of your internet requests to www.facebook.com will go to a server under the attacker’s control.  This type of attack is very difficult to identify because the actual domain name Facebook.com will appear in your internet browser address bar.

 

6 Simple Steps To Keep Your Account Safe:

  • When logging in to your Facebook account, always double check the URL in your browser’s address bar
  • Use long, complicated passwords that utilize upper and lower case letters, numbers, and special characters
  • Do not post personal information to your Facebook profile (e.g., phone numbers, email addresses, etc.)
  • Review and adjust your privacy settings, in both your browser and your Facebook account, on a regular basis
  • Only allow people on your “Friends” list that you have personally sent a friend request to; do not accept blind requests!
  • If you do accept a friend request from someone, make certain that you have verified the person on the other end using some other means.

The internet brings convenience, business growth, and the opportunity to share your thoughts and memories with friends and family. It also allows an attacker unlimited access to your life and private information. By following a few simple guidelines, you can keep yourself a bit safer on social networking sites like Facebook.com.

Source: Virtual Threat

Evade Government Surveillance Stay Anonymous Online

Why stay anonymous online?  In today’s society there are people and automated devices that are recording your deepest, most private thoughts and activities. Each day we voluntarily divulge the most intimate details of our lives through social networking accounts, email, banking apps, online games and more. In addition, governments and corporations can censor and block our traffic based on whatever standards are in place that day.

Government agencies, hackers and sophisticated bot networks are capturing every piece of digital data that we transmit through all of our internet-connected gadgets.   Smartphones, Smart TVs, computers, tablets, and so much more…they are all vulnerable, nothing is safe these days.  Even your old clam shell phone isn’t safe.  This is because many phone providers route your calls over media using the Internet Protocol at some point within their network.  For example, long distance providers transfer calls over VoIP all the time.

Whether you’re browsing the web, signing up for a new online game, or simply checking your email, you are constantly leaving tracks and giving away information to anyone with  access and the knowledge to analyze the traffic.  Once the data is compiled the attacker can build an incredibly accurate profile of not only your online life but your real-world life as well.

I know, most people say, “Why would hackers want to hack into my life? I am not that important.” You have to understand that these “intruders into our lives” are scanning huge blocks of internet addresses at a time. They don’t care who you are. Your computer is simply another target IP address as they scan through thousands of computers and devices in their search for more information. Once collected, they take all the information and funnel it into databases where they can search through it later for high-value loot.

Don’t believe me?  Just read the following two stories about what our own government does:

NSA Utah Data Center Largest Spy Compound Ever – Part 1

NSA Utah Data Center Largest Spy Compound Ever – Part 2

So, the big question is, how can you stay anonymous online, free from government censorship and potential eavesdropping from some hacker or three-letter government agency that wants to invade your privacy while you use your computer? In comes Whonix, the Anonymous Operating System!

Use Whonix, The Anonymous Operating System, Stay Anonymous Online

Whonix is a free, general purpose computer operating system based on VirtualBox, Linux and Tor. The purpose of Whonix is to allow internet users the ability to stay anonymous online. This is most beneficial to users in regimes that censor and monitor access to the Internet, but it can also be used by anyone who values their privacy or doesn’t want their activities tracked online.

By design, IP address leaks are meant to be impossible while using Whonix. The developers claim even malware with admin privileges can’t find the Whonix Workstation’s real IP address or location. This is because Whonix consists of two (virtual) computers. One machine acts as a gateway or router and runs only Tor, a sophisticated anonymity software. This machine is called the Whonix-Gateway. The other machine, which is called the Whonix-Workstation, is on a completely isolated network that only allows internet connections to be routed through the Whonix-Gateway.

Tor, the technology on which Whonix is built, is free software, along with an open network consisting of thousands of computers located around the world. Together they strive to provide anonymity for individuals accessing the Internet. The Tor Project helps you defend against a form of network surveillance, known as traffic analysis, that threatens everyone’s personal freedom and privacy.

Tor helps to reduce the risks of both simple and advanced traffic analysis by distributing your internet requests over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a hard-to-follow series of roads while driving in order to throw off somebody who is tailing you.

Whonix automatically sets up an isolated network environment where your virtual “Workstation” can perform all normal internet-related tasks such as checking email, browsing web sites, blogging, connecting to corporate VPNs, etc. However, all of that outbound traffic is then routed in such a way that it can only pass through your virtual “Gateway”, which encrypts the packets and sends them over several hops on the Tor network prior to landing at their final destination.

How Whonix Works: Figure 1

Once your traffic leaves the Whonix Gateway it is routed directly through the Tor network.  Instead of taking a direct route from source to destination, data packets on the Tor network take a random path through several relays, so no observer at any single point can tell where the data came from or where it’s going.  The relays even take additional steps to erase your tracks periodically along the way.

How Whonix Works: Figure 2 – Routing Through Tor

In the event that the Workstation user initiates a request to a new website or internet resource, the Gateway simply selects an alternate path through the Tor network as seen in Figure 3.

How Whonix Works: Figure 3 – Using An Alternate Tor Path

There is a bit of a caveat to this system, however. As indicated by the red dotted lines in the images above, the last hop in the Tor network passes the traffic in the clear to the final destination. One of the primary functions of this computer, as an exit node, is to decrypt the data packets before they are passed off to their final destination. This means this exit node could be vulnerable to a man-in-the-middle attack, or it could have even been placed there for the specific purpose of monitoring exit traffic by a hacker or government agency. While the exit node would still have no information regarding the IP address or location of the original Workstation user, it would know the type of internet request that they sent to the destination server.

This scenario can be averted by using SSH tunnels or a VPN on top of the Tor network.  One would only have to install the appropriate software on the Whonix Workstation in order to provide an end-to-end encryption solution for the traffic.  Another method to bypass the man-in-the-middle scenario would be to employ the use of Tor Private Bridges or Private Exit Nodes.

It is important to note, however, that Whonix can be effectively used by most people right out of the box for web browsing, blogging and private conversations.

In order to make use of Whonix you will need to download a free copy of VirtualBox from the link below:

https://www.virtualbox.org/wiki/Downloads

Once VirtualBox has been downloaded and installed you can download the Whonix-Workstation and the Whonix-Gateway packages from SourceForge:

http://sourceforge.net/projects/whonix/files/whonix-0.4.5/

Once downloaded, just import the machine files into VirtualBox as-is and start them up; you don’t need to change any settings. Also be sure to start the Whonix-Gateway machine before firing up the Workstation image.

The default login credentials for both virtual machines are as follows:

====================

Username: user
Password: changeme

Username: root
Password: changeme

====================

Once the images have completed the boot process, you can log in and run the “whonixcheck” command from the CLI (command line interface) in order to verify proper connectivity to the Tor network. The Workstation output should look similar to the following:

How Whonix Works: Figure 4 – Workstation output from the “whonixcheck” command.

Be sure to watch for my article in the next few days detailing step-by-step instructions on how to install VirtualBox and Whonix on your computer.  Let me know what you think of this anonymity solution in the comments below…

 

——————————————————

[UPDATE: 01/09/2013] The Whonix development team forwarded the following important information about the anonymity provided by their product and Tor:

Whonix Statement

 

I would like to say thanks to the Whonix development team for their response to my article, your comments are appreciated :-)

Source: Virtual Threat
