In Jaymee’s last article about Facebook hacking, she discussed the plans of the hacking group Anonymous to hack Facebook, in this article I present 7 tips to protect yourself from being Facebook hacked.

Facebook is now one of, if not the most trolled and targeted websites for hackers and cyber crooks in the world, and with most of us being too trustful for our own good we are easy targets. All it takes is for one ill-informed or misguided decision to occur, and a hacker not only has access to all your personal information, but you have also exposed your friends to the same fate.

I don’t know about you, but over the last few months I have noticed a clear increase in the number of spam or malicious looking posts appearing within my Facebook News Feed and on my Wall. It is rare that a week goes by where I do not encounter at least one suspicious looking link, which has supposably been sent to me from one of my “Facebook friends”.

That fact is though, that these links claiming to have come from one of my trusted friends have more than likely originated from a hacker, or some form of hacking software.

The hacker has gained unauthorised accessed to my friends Facebook account through the very same or very similar link that they are now “sharing” with me.

When a person’s Facebook account is hacked, it is not just the hackee who should be concerned, but their Facebook friends should also be alarmed as they are now more at risk of being hacked themselves. Once an account has been hacked, the hacker will begin sending out fake Facebook posts containing malicious links, while making it appear as though the victims themselves have posted them. Hackers may also choose to send a Facebook message to the user’s friends via Facebook’s message service or chat feature, suggesting users check out a malicious link. If a friend is fooled into clicking on one of these malicious links, they are now at risk of not only having their personal Facebook account information stolen, but also any personal, financial or private information they have stored on their personal or work computer.

The dangers also extends to the pages that the user is an admin of. It’s easier to hack into an admins account, than it is the actual Facebook Fan page. Once you’ve hacked into an admins account, you get access to the Facebook Fan Pages he or she admins!

How your account can be hacked?

There are many different ways your Facebook account can be “Hacked”. The most malicious and damaging form of hacking occurs through phishing, or when a hacker gains unauthorised access to an account after the user has clicked through to a fake app or link. Once the user has clicked through to the link or app the user will be redirected to a page that looks almost identical to that of Facebook’s login screen. If the user then enters in their username and password without identifying the page as a fake, the hacker will then have complete access to their account. The hacker is now able to utilise the users account to spread the infection further via their newly acquired friends.

Listed below are 7 simple tips to help prevent you from being Facebook hacked:

1. If it looks suspicious, it’s probably is

If you don’t like the look of a post, link or App, do not click on in it. Obvious right? Yet people continue to fall into the trap. Most malicious links or Apps will offer you something too good to be true or use statements like “Shocking”, “Embarrassing”, “Unbelievable” or “Check This Out” in an attempt to draw users in to clicking through.  If you are in any doubt as to the nature of any posts from a “Friend” do not click on it, there is no point risking being hacked for a cheap thrill.

2. Don’t be a Friend whore

We all love logging into our Facebook accounts and seeing that we have a new Friend request waiting for our approval. It‘s in our nature to want to make friends, but it’s also in our nature to want to compete with others and to have more Facebook friends than what our real life friends have. It is this need to make as many friends as possible, and to one up our friends that makes many of us willing to accept any friend request, even when we don’t know whom the request is coming from.

Hackers, understanding that it’s in our nature and take advantage of a Facebook user’s eagerness to grow their Facebook friends list by sending out a countless number of fake friend requests. They hope to fool the user into accepting at least three of these fake requests. Why three you ask? Facebook has measures in place to allow users who lose or forget their Password and secret answer to recover there account with the help of three of their “trusted friends”.

To gain access to your account, all a hacker needs to do is pretend that they are you and that they have forgotten your account password and secret answer. Once they have been directed to the Facebook password recovery page they are able to, with the help of the three fake friends you have previously approved, reset your accounts password.  After a 24 hour freeze out period following the password reset, the hacker is able to have full access to your account.

This method of hacking is especially concerning to businesses that may be operating a Facebook account for marketing purposes, as they are more likely to blindly accept Facebook Friend requests in an attempt to increase their reach. This is one reason why businesses should only set-up Facebook fan pages and not personal profiles to promote a business.

3. “Password” is not an acceptable Password

Having a strong password will not prevent your Facebook from being hacked if you have fallen victim to one of the many phishing swindles hackers attempt. It will however make it incredibly difficult for hackers to gain direct access to your account through less extensive and more primitive hacking techniques. The most primitive technique is simply making a calculated guess of a person password.  The users; name, their wife, boyfriend, sibling, pet, birthday or the word password are examples of passwords hackers expect people to use, due to their easy to remember nature.

It is recommended that your password contain a mixture of letters, digits, punctuation and both capital and lowercase letters. It is also recommended that your password be at least 6 characters long, however the more characters in your password the belter. If you are afraid that you may forget your password, write it down and hide it in a safe place. I would also suggest that you change your password on a regular basis.

4. Always check the URL

The aim of phishing is to get the user to unknowingly share their Facebook login details with the hacker. The most common way hackers achieve this is, is by tricking the user into entering their Facebook details into a fake Facebook login page. These fake login pages are usually a near perfect copy of Facebook’s actual login page. A fake login page will usually appear after you have already logged into Facebook via the real login screen, and are usually prompted after you have clicked on a malicious link or application.  A clear indication of a fake login page is found within the URL of the page. Although hackers can make exact copies of the actual login page, they are unable to use the same URL. Whenever you login too, or are asked to re-login to Facebook, you should always make sure that the URL is www.Facebook.com. A common way hackers deceive people is by having a URL that may appear to be the same but is in fact slightly different. For Example: www.Faccbook.com or www.FBook.com.

5. Don’t grant permission to unknown or suspicious Applications  

One of the most popular features within Facebook is Applications. To be able to use, or access most applications you are required to grant access to the application to use some of your personal information and to promote the group via your wall. Most applications that ask for access are trustworthy and genuinely need access to your information, but there are some Apps out there that are designed specifically to exploit the access you give them. If you receive a “Request for Permission” from a Facebook App you should always ensure that the page asking for access is reputable, and is coming for a person or company you trust. Much like my first tip, if it looks suspicious, just don’t risk it.

6. Beware the “Smart Phone”

It is becoming increasingly more popular for Facebook users to access their accounts via their mobile phones, with many mobile phone service providers even offering free access to Facebook as part of their service. Although smart phones and free access makes it easier for users to check their Facebook accounts it may also be making it easier for hackers to hack their accounts. In many countries, the network signal provided by service providers is not encrypted, so hackers have the ability to access the data that flows between the mobile and mobile operator with relative ease. They can gain access to all of the information that the user is sending out and is receiving.

My tip is to always check to see if you service provider offers an encrypted network signal.

7. Enable Secure Browsing

In my final tip, Facebook now allows its users to put their Facebook Profile in a type of safe mode. Putting your Facebook in to this safe mode means that the information that is transferred between you and Facebook is now encrypted, meaning hackers are unable to easily intercept the information being sent and received. The safe mode is a HTTPS Secure Connection, a type of connection financial, ecommerce, banking etc sites use to protect their most sensitive information.

Secure browsing is not a default setting, so users have to enable it themselves. To enable secure browsing on your Facebook account follow these steps:

Log into your Facebook account > Choose “Account Settings” from the “Account” menu> Select “Account Security” and select “change”> Ensure there is a tick next to the “Browse Facebook on a secure connection (https) whenever possible” option > Click “Save”.

I would also recommend that while enabling Secure browsing you select “Send me an Email” under “When a new computer or mobile logs into this account”. This means that whenever someone logs into your account from an unknown access point, you will be sent an email.

Have you ever had your Facebook Account Hacked? Let us know how they did it, and what you have done to prevent it from happening again.

Related posts:

1. Facebook next on the hit list
2. Lots of friends on Facebook? Think again.
3. How to Share Facebook Advertising account

THEY are at it again, fresh from attacking the Syrian’s Ministry of Defence website the notorious hacking group Anonymous has announced that their next target will be the social networking giant, Facebook on the 5th of November.

The group of hackers has claimed participation in nearly every recent prominent hacking attack of this year. They have successfully executed attacks on 70 law enforcement websites and the Sony Playstation Network.

This recent interest in Facebook may be a result of the organisation’s recent announcement that it plans to create its own social network site called AnonPlus. After the group’s Google+ account called “Your Anon News” was taken down, they began fleshing out AnonPlus.com that has been described as a “new social network where there is no fear…of censorship…of blackout…nor of holding back.”

But an Anonymous spokesman said that even heads of the group were unsure how seriously to take the threat since the organisation doesn’t have a strict command structure and members usually mask their identities. “I found groups of people who say we absolutely are and have a trick up our sleeves, and others that say it isn’t us and that this is stupid.” said the spokesman.

But, as with all Anonymous messages only time will tell if this announcement is real, fake, just a message made by a single member to rally the rest of the real Anonymous troops or just a “keyboard hero” that claims to be from the infamous organisation.

Related posts:

1. Lots of friends on Facebook? Think again.
2. The new and improved Facebook
3. Facebook for business – Dummies guide to Facebook Send Button

The Hard Life of an Internet troll (click to Download)

In Internet slang, a troll is someone who posts inflammatory, extraneous, or off-topic messages in an online community, such as an  forums, chat room,  blog, Facebook, Twitter, with the primary intent of provoking readers into an emotional response or of otherwise disrupting normal on-topic discussion.

While the word troll and its associated verb trolling are associated with Internet discourse, media attention in recent years has made such labels subjective, with trolling describing intentionally provocative actions outside of an online context. For example, mass media uses troll to describe “a person who defaces Internet tribute sites with the aim of causing grief to families.

Trolling is a game about identity deception, albeit one that is played without the consent of most of the players.

The trollface

The troll attempts to pass as a legitimate participant, sharing the group’s common interests and concerns; the newsgroups members, if they are cognisant of trolls and other identity deceptions, attempt to both distinguish real from trolling postings, and upon judging a poster a troll, make the offending poster leave the group.

Their success at the former depends on how well they — and the troll — understand identity cues; their success at the latter depends on whether the troll’s enjoyment is sufficiently diminished or outweighed by the costs imposed by the group.

Trolls are an online cancer. Masked commentators that can ruin communities, business and damage reputations.

The continuous ingenuity of promoting anonymous comments as a sparking ignition for creativity is stupidity and shallow argument.

Things like “…permitting anonymity opens the discussion to people who would otherwise not feel free to be frank and therefore it feeds creativity – Link here“  is usually created by those with no real experience and no real impacted by trolling.

Online trolls can be costly in several ways. A troll can disrupt the discussion on a newsgroup, disseminate bad advice, and damage the feeling of trust in the newsgroup community. Furthermore, in a group that has become sensitized to trolling — where the rate of deception is high — many honestly naïve questions may be quickly rejected as trollings. This can be quite off-putting to the new user who upon venturing a first posting is immediately bombarded with angry accusations. Even if the accusation is unfounded, being branded a troll is quite damaging to one’s online reputation.

Not to talk about the reputation damage it can be caused by their hit-and-run attitude.

As Seth Godin said once, “It’s ironic that we’ve set up two very different standards for our trust. In the real world, we’re skeptical of strangers. At the supermarket the other day, someone picked up my favorite brand of olive oil. I waxed on about how great it was, and of course, the shopper put it back and bought something else instead. Online, however, we’re happy to believe whatever image someone sends along, or buy something from a spammer or to consider a fake opinion.”

Lucio

Related posts:

1. What’s the average for Likes and Comments for Facebook Pages?
2. Facebook March 2011 Understanding the changes
3. Facebook for business – Dummies guide to Facebook Send Button

123456 is a bad password and yet, it is apparently the most popular password in circulation

Imperva, a company that makes software for blocking out hackers, had the unique opportunity to analyze a data base of 32 million previously compromised (read that: stolen) passwords. The list was provided by RockYou.

In a nutshell, here’s what Imperva found by data crunching the list:

A scary number of people are ridiculously lame about their password selection.

The number one password choice was “123456″. “12345″ was number two. “123456789″ was number three.

Other top twenty hits include: “Iloveyou”, “monkey”, “babygirl” and, of course, “password” (that was #4 on the list, fyi).

Here’s another finding from Imperva that will inspire you to slap your forehead with the palm of your hand; out of 32 million passwords, there were collectively less than 5,000 unique passwords.

Clearly, there are a lot of people who share the same wedding anniversary or had daughters on the same date.

Related posts:

1. Google Business Maps – A quick guide for beginners
2. Google AdWords Australia Quick and Easy guide
3. Win people to your way of thinking and change their way to think

The program could delete all of the files on a person’s computer, use zombie PCs — those controlled by a master — to overwhelm and shut down Web sites or monitor a person’s keyboard strokes to collect private information like passwords or bank account information, experts said.

What makes the virus so powerful in its way to “infect” is the fact that it spreads through external USB storage, such as those used in pendrives, cameras, iPods and MP3, among others. The “specialty” of the virus is to find out and “steal” ALL your passwords.

Microsoft announced a reward of $ 250k for those who can identify the creators of the virus, also known as DownAdUP.

The virus also spread from a “Botnet” (network of infected computers that will “work” for virtual pirates).

As the date is known as April Fool’s Day, many Internet users already see the dozens of alerts as a false alarm, a “hoax” (known as the rumors are virtual).

Today, the Conficker is scheduled to take control of 250 sites per day. On Wednesday, would increase its strength to reach 50,000 pages per day, which may make it more difficult to locate the attack, according to Mikko Hyponen, company F-Secure, which specializes in virtual security.

It is estimated that the Conficker has already infected more than 12 million computers.

I. Description

Home users can apply a simple test for the presence of a Conficker/Downadup infection on their home computers. The presence of a Conficker/Downadup infection may be detected if a user is unable to surf to their security solution website or if they are unable to connect to the websites, by downloading detection/removal tools available free from those sites:

*http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
*http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
* http://www.mcafee.com

If a user is unable to reach any of these websites, it may indicate a Conficker/Downadup infection. The most recent variant of Conficker/Downadup interferes with queries for these sites, preventing a user from visiting them. If a Conficker/Downadup infection is suspected, the system or computer should be removed from the network or unplugged from the Internet – in the case for home users.

II. Solution

Advice from US-CERT

-US-CERT recommends that Windows Operating Systems users apply Microsoft security patch MS08-067 as quickly as possible to help protect themselves from the worm. They can also disable AutoRun functionality.

-Home users can apply the US-CERT test for the presence of a Conficker/Downadup infection on their home computers. The presence of an infection may be detected if users are unable to connect to their security solution Web site or if they are unable to download free detection/removal tools.

-If an infection is suspected, the system or computer should be removed from the network. In the case of home users, the computer should be unplugged from the internet.

-Instructions, support and tools you help you manually remove a Conficker/Downadup infection from a system have been published by most major security vendors.

-US-CERT recommends that computer users and administrators keep up-to-date on security patches and fixes for their operating system and install up-to-date anti-virus and anti-spyware software. A firewall will also help block attacks before they can get into your computer.

Instructions, support and more information on how to manually remove a Conficker/Downadup infection from a system have been published by major security vendors.

Please see below for a few of those sites. Each of these vendors offers free tools that can verify the presence of a Conficker/Downadup infection and remove the worm:

Symantec:

http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99

Microsoft:

http://support.microsoft.com/kb/962007

http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

More information

TheAge

Symantec

CNN

Cheers

Lucio Ribeiro

www.marketingeasy.net

Related posts:

1. How to protect your computer in 7 steps
2. Security for your Laptop