Phishing
The first and very basic way of hacking Facebook accounts is via Phishing attack. Phishing is actually creating fake web pages to steal user’s credentials like email,passwords,phone no,etc.Once the victim logins through the fake page the victims "Email Address" and "Password" is stored in to a text file, The hacker then downloads the text file and get's his hands on the victims credential
DRAWBACK :
Users nowadays are aware of these type of attacks and one can not be easily fooled using this attack. You need some social engineering to trick someone.
‘
Prevention :
Always check the page URL before logging in. This is the most trusted and effective way one can use to avoid himself from phishing.
Other way is to use some good Antivirus software which will warn you if you visit a harmful phishing page.
Even if somehow you have already entered your credentials in a phisher, Immediately Change your password.
USB Hacking
If an attacker has physical access to your computer and your device, he could just use of USB programmed with a function to automatically extract saved passwords in the Internet browser.
Man In the Middle Attacks
If the victim and attacker are on the same LAN and on a switch based network, a hacker can place himself between the client and the server, or he could act as a default gateway and hence capturing all the traffic in between he can steal username and password also he can takeover victims account easily.
Keylogging
keylogger is basically a small program.which once is installed on victims computer will record every thing which victim types on his/her computer. The easiest way to hack a Facebook password Keylogging sometimes can be so dangerous that even a person with good knowledge of computers can fall for it. The logs are then send back to the attacker by either FTP or directly to hackers address.
DRAWBACK :
Keyloggers are often detected as threats by good antiviruses. Hacker must find a way to protect it from antivirus.
Prevention :
Execute the file only if you trust the sender.
Use online scanner such as novirusthanks.org
Use good antivirus and update it regularly
Session Hijacking
Session Hijacking is Dangerous if you are accessing Website on a http (non secure) .
In a session hijacking attack an attacker steals victims cookies, cookies stores all the necessary logging Information about one’s account, using this info an attacker can easily hack anybody’s account. If you get the cookies of the Victim you can Hack any account the Victim is Logged into i.e. you can hack Facebook, Google, Yahoo.
Drawbacks :
You will be logged out when user is logged out.
You will not get the password of the user’s account.
Will not work if the user is using HTTPS connections.
Prevention :
Always work on SSL secured connections.
Always keep a look at the url if the http:// is not changed to https:// it means that sniffing is active on your network.
Trojans/backdoors
This is an advanced level of hacking. It consists of a server and a client. In this type of attack the attacker sends the infected program to the victim most of time attacker bind with other program. After execution the infected program i.e. Trojan on the victim’s PC opens a backdoor and now the hacker can do whatever he wants with the victim’s PC .DRAWBACK :
Trojans are often detected as threats by good antiviruses. Hacker must find a way to protect it from antivirus.
Prevention :
Execute the file only if you trust the sender.
Use online scanner such as novirusthanks.org
Use good antivirus and update it regularly .
