We can not deny the importance of social media websites in our
daily life. A social media or social networking site helps people to
connect with their friends, family, brands and celebrities etc. We share
a lot of information on these websites including our personal and
financial details such as location, photos and messages etc. This is the
reason why hackers prefer to hack social media accounts for their bad
intentions.
How Can Hackers Hack Social Media
Accounts?
Not every internet user is educated enough
in a way to understand how to protect their social media accounts. So in
this article, Im going to mention some of the most popular
methods used by hackers to hack social media accounts and how to make
sure that you wont get hacked using those
methods.
1. Phishing
Phishing is
very easy and considered as n00b technique but it is one of the most
effective techniques to hack social media accounts. There is 50-50
chance for a hacker to get victims password using Phishing if your
victim is not aware of basic internet terminologies. There are various
ways of carrying out a phishing attack. The most common one is where a
hacker creates a replica of a login page which looks like the real
social media page. The victim will then think it's the usual
login.
The most common Phishing to create a duplicate
of a login page which looks like the real login page. The victim thinks
it's the usual social login page so he enters his login
details in phishing page. Once the victim is logged in through the fake
page, the email address and password are stored in a text file or in
hacker's database.
How to
detect Phishing Page?
- Check
URL of the login page.
- Never login your social media
account on other devices.
- Use Modern web browsers
that identify the phishing page.
- Avoid emails or
text msgs that ask you to log into your social media
account.
2.
KeyLogging
Keylogging is one of the
easiest ways to hack a social media account. A keylogger is a program
that records and monitors the users input and keeps a log of
all keys that are entered. The keylogger can actively send your inputs
to hackers via the Internet. You have to be very careful while dealing
with keyloggers because even the computer experts become victims of
keylogging.
How to detect
Keyloggers?
- Scan your USB
drives before using them
- Download software from
trusted sites only
- Use a good
antivirus
3. Man In The Middle
Attacks
In this method, the hacker secretly relays
and possibly alters the communication between the server and victim who
believe they are directly communicating with each
other.
The hacker makes independent connections with
the victims and relays messages between them to make them believe they
are talking directly to each other over a private connection, when in
fact the entire conversation is controlled by the
hacker.
The Hacker must be able to intercept all
relevant messages passing between the two victims and inject new ones.
This is straightforward in many circumstances; for example, an attacker
within reception range of wireless access point can insert himself as a
man-in-the-middle.
How to avoid MIME
attacks?
- Use VPN
services
- A proxy server to access the
internet
- Use good antivirus with good firewall
options
4. Social
Engineering
Social engineering is a simple method
that's based on collecting as much info from the victims as
possible. The information may include the date of birth, phone number,
security questions etc. Once a hacker gains access to this info, he can
brute force the info or use recovery methods to get login
passwords.
How to avoid Social
Engineering?
- Never share
personal info via email or phone
- Avoid links from
unknown or suspicious sites
5. Session
Hijacking
When you log in to your social media
account, your browser and the social media’s server maintains a
session for user authentication. The session details are saved in your
browser's cookie files. In session hijacking, the hacker
steals those cookies and then access the victim's account.
Session hijacking is most common when accessing Social media websites on
an HTTP (non-secure) connection and it is widely used on LAN and Wi-Fi
connections.
How to avoid Session
Hijacking?
- Do not use Social
media websites when connected to shared Wi-Fi or
LAN.
- Try to clear cookies every 2-3 days or if
possible daily
6. Saved
Passwords
Most of the time we share our login and
credit card details in the web browser. Anyone can see your Social media
account from your browser's password manager. A hacker can
get physical access to your computer and insert a USB programmed to
automatically extract or retrieve saved passwords in the Internet
browser or any other information the hacker may
need.
How to avoid Password
Hacking?
- Try not to save
passwords in web browsers
- Do not share your device
with people
- Block the device
connectors
7. DNS
Spoofing
If a hacker is on the same network which is
connected to the Victim, he can change the original page and replace it
with his own fake page and easily gain access to the victim's
social media account.
How to Avoid DNS
Spoofing?
- Always configure
it to be secure against cache poisoning
- Manage your
DNS servers securely
8.
Botnets
Basically, botnets are networks made of
remote-controlled computers or bots. These bots have been infected with
malware that allows them to be remotely controlled. It's
expensive to set up botnets and this makes them be minimally used in
cases of hacking login accounts. Some very popular botnets include spy
eye and Zeus.
How to avoid
Botnets?
- Keep all your
software up to date
- Ensure that your firewall is
always on
