Thursday, February 4, 2010

Hacked On Facebook! Has It Happened To YOU Yet?

Have You Been Compromised on Facebook…Yet?

If you haven't yet, then you will be…unless you take action NOW!

Hacking attacks on Facebook are increasing with every tick of the clock, so here are some basic precautions you should be taking.

  1. Check Your Password Strength…NOW! Your password is your first line of defense on Facebook. These are the rules: No pet names. By pet, I mean your pet cat, dog, budgerigar, hamster, spouse, boyfriend, next door neighbor, your worst enemy or any name at all. Make it loooooooooooooong and random: Better still, get yourself a password generator. There are excellent ones around. Here are a few. AnyPassword:, Steve Gibson’s Perfect Passwords can be harvested from These are generated each time the page loads, which makes each one unique. Bookmark the page and return at random intervals to refresh your router password and harvest any others you may need. Just be sure the utility you’re using them in can handle long passwords. Of course, you can shorten them if you wish, but that kind of limits their effectiveness. Steve Gibson advises that each ‘one is [a] completely random (maximum entropy) without any pattern, and the cryptographically-strong pseudo random number’. Further, the ‘page will only allow itself to be displayed over a snoop-proof and proxy-proof high-security SSL connection’. So, sorry guys ‘n’ gals, if your connection doesn’t qualify you need help fast to secure your router/connection to the Internet.
  2. Secure your password: This means, keep your password itself secure! There’s no way you’re going to remember your specially created, super strong password and type it in each time you log into Facebook etc. For that you’ll need a secure storage facility. Therefore, you need a vault, such as AnyPassword, which I’ve already mentioned and which, incidentally, has a built-in password generator that is great for most things. Or, another recommended one is Last Pass: (This will download the file from Last Pass.) Last Pass, like AnyPassword, is freely available.
  3. Guard Yourself Against ‘Youtube.xyx’: This site is a scam site. Note this in your memory now and check your browser address bar each time you type in the legitimate address. What follows is an explanation of what happens when you accidentally access this site. It is usually initiated by a message from one of your friends saying that they found a video of you on Youtube, or that they put one on Youtube that features you, yourself, doing something crazy. Naturally you click on the link to see this video of yourself, and you see a page made up to look exactly like Youtube, only it isn’t. It’s a scam site. Next, you are assaulted by a pop-up advising you of a Flash player error and that you need to click on the provided link to update your Flash player. Like a sheep to the slaughter you meekly, trustingly, mindlessly, click on the oh so readily available link and, “Whamo”, you have just initiated the installation of some really nasty malicious software that begins to key log each key stroke you make from now on. Along with everything else it gathers, it will harvest your Facebook password and proceed to send the same fake message you responded to on to a bunch of other poor suckers. So, be warned! If you’re reasonably sure you haven’t done anything to get yourself filmed on Facebook recently, then it is likely a phishing scam.
  4. Those Pernicious Facebook Apps: You know the ones I mean. They are ubiquitous on Facebook nowadays. Everyone, it seems, is doing them. Wakey wakey, people. These apps are often the perfect way to harvest your Facebook password. All of them know so much about you already, and now they have access to all that other personal information available about you on your page. Some is hidden info, and includes access to your friends and all their details as well. The following demonstrates how they obtain your password. It will be either exactly like this, or in a manner very similar. You take a Pokemon quiz on Facebook to see what sort of person you are, or something similar. Then you finish the quiz and hit that submit button. Next, the instructions advise you that you must now log back in to Facebook, which you obligingly do. The only problem is, the log-in page is now not one belonging to the real Facebook and, just like that, they have your log-in and password. We must be fair to Facebook as they do try to purge these nasty apps but, by the law of averages, they cannot protect you from them all. Some will get through and, the sad truth is that the legitimate ones make it easier for the illegitimate ones to bluff the unwary. That’s just the way it is, in this old naughty world.
  5. The Moral - Don’t Share: Make it your golden rule, DON’T EVER, EVER SHARE YOUR PASSWORD WITH YOUR FRIENDS. EVER. Sorry, but that’s the rule. A Facebook friend may be a friend today, but you don’t know what tomorrow may bring. Also, when you share with one Facebook friend, they may share with another. You simply don’t know. Further, some ‘friends’ are not your friends. They are, in fact, your enemies and they will happily share all your secrets as ‘status updates’ on Facebook and then change the password so you are unable to get rid of it. The news is full of stories like these. I’ve read them, and maybe you have too. So, remember the old adage, “An ounce of prevention is worth a ton of cure”. Also, it’s sobering to realise that Facebook’s rules now do not allow for the removal of any site on Facebook – ever! That’s right. If you die, your Facebook site continues on and on and on. Granted, access is limited to certain people, like proven relatives etc, as a sort of obituary. But, the scary thought remains, it will remain in cyberspace until the Last Trumpet!
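To put numbers on rule 1's "long and random" advice and its warning that shortening a generated password limits its effectiveness, here is an added example. It is not taken from this post or from the tools it names; the 94-character alphabet and the lengths of 32 and 12 are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Assumed alphabet: the 94 printable ASCII characters, space excluded.
PRINTABLE = string.ascii_letters + string.digits + string.punctuation


def generate_password(length=32, alphabet=PRINTABLE):
    """Draw every character independently from the OS CSPRNG.

    secrets.choice avoids the predictable state of the `random` module,
    so no character gives any hint about the others.
    """
    if length < 1 or len(set(alphabet)) < 2:
        raise ValueError("need a positive length and at least two symbols")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(length, alphabet_size):
    """Entropy of a uniformly random string: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def shortening_cost(full_length, kept_length, alphabet_size=len(PRINTABLE)):
    """Bits of entropy given up by keeping only part of a generated password."""
    if not 0 < kept_length <= full_length:
        raise ValueError("kept_length must be between 1 and full_length")
    return (entropy_bits(full_length, alphabet_size)
            - entropy_bits(kept_length, alphabet_size))


if __name__ == "__main__":
    pw = generate_password()
    print("generated :", pw)
    print("full bits : %.1f" % entropy_bits(len(pw), len(PRINTABLE)))
    print("cut to 12 : %.1f" % entropy_bits(12, len(PRINTABLE)))
    print("bits lost : %.1f" % shortening_cost(len(pw), 12))
```

The estimate only holds for passwords drawn uniformly at random like this; a name or a pattern of the same length has far less entropy than the formula suggests.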

Be aware that these rules apply to all Social Networking sites. So, apply them now and practice them from now on, and may you enjoy your Facebook adventures without too many misadventures along the way.
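Rules 3 and 4 both come down to reading the address bar before typing a password. The added example below (not part of the original post) shows the same check done mechanically: the host must be exactly a trusted domain or a subdomain of one. The allowlist, the HTTPS requirement and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist for illustration: the two real sites the post mentions.
TRUSTED_DOMAINS = frozenset({"facebook.com", "youtube.com"})


def hostname_of(url):
    """Return the host the browser would actually contact, or None."""
    try:
        host = urlsplit(url).hostname  # drops any user@ prefix and the port
    except ValueError:
        return None
    return host.rstrip(".").lower() if host else None


def is_trusted_login_url(url, trusted=TRUSTED_DOMAINS):
    """True only for an HTTPS URL on a trusted domain or one of its subdomains."""
    try:
        scheme = urlsplit(url).scheme
    except ValueError:
        return False
    host = hostname_of(url)
    if scheme != "https" or host is None:
        return False
    # Exact match, or a suffix match that starts at a dot boundary, so that
    # "notfacebook.com" and "facebook.com.video.example" are both rejected.
    return any(host == d or host.endswith("." + d) for d in trusted)


# Constructed sample links, labelled with the expected verdict.
SAMPLES = {
    "https://www.youtube.com/watch?v=abc": True,
    "https://youtube.xyx/watch?v=abc": False,              # the name from rule 3
    "https://youtube.com.video.example/watch": False,      # trusted name as a prefix
    "https://www.facebook.com@login.example/login.php": False,  # user@host trick
    "https://notfacebook.com/login.php": False,            # no dot boundary
    "http://www.facebook.com/login.php": False,            # not HTTPS
}


def classify(urls):
    """Map each URL to the verdict of is_trusted_login_url."""
    return {u: is_trusted_login_url(u) for u in urls}


if __name__ == "__main__":
    for url, verdict in classify(SAMPLES).items():
        print("%-5s %s" % (verdict, url))
```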
