Hacking Facebook account post going viral.
A piece of code for Hacking Facebook account was recently found being posted in many groups. The post has given away a piece of code put on Google Docs to be copied and pasted in your browser. The code is said to be effective only when you have logged into your Facebook account. The code gives you the password for the user account you had requested credentials.
Now wait a minute if you have read this, don’t fall for it, don’t go looking for it over internet. The code basically is a scam. Instead of hacking others account you compromise your own account.
You will soon receive notifications stating that you had liked and followed pages. So basically you have been tricked to like and follow pages without your knowledge.
What is this scam?
A post with “Updated link for Facebook Hacking” having a video showing the procedure went viral. Many users followed the instructions and were asked to wait two hours before they could get the credential of the account they intended.In the mean time the users would start receiving notifications about their page likes and follows.
Such videos and links for Hacking Facebook account are circulated time and again.However users fall in the trap and end up compromising their account.
What is this type of scam called?
This type of scam is called self-XSS (self cross-site scripting). Cross-Site scripting is basically where a attacker tricks a user to open a client side script in his browser. This method is known as client side injection.
The script tricks are basically targeted towards authenticated user accounts. Such type of attacks are the easiest way to gain access over the user accounts and behaviors.
Defense against such attacks.
There are plugins like No-script for Mozilla Firefox which defend against client side scripting. Disabling scripting in browsers can defend against such attacks. The most significant problem with blocking all scripts on all websites by default is substantial reduction in functionality and responsiveness.
The best defense against such scripts is understanding that while being socially active you need to be disciplined in order to safeguard your information. It is important to understand that the best things in the world have their bad sides too so use them wisely.