Many victims are now falling to attempts to hijack Facebook accounts through social engineering techniques, especially ones that exploit weaknesses in the account procedures of free e-mail services such as Yahoo! Mail. Someone, a cracker, can pretend to be you and try to gain unauthorized access and hijack your e-mail account. He does this by following the lost-password procedure.


Free e-mail services will usually ask a few confirmation questions, such as “where is your honeymoon?”, “what is the name of your first pet?” or “what is your favorite uncle or aunt’s name?”. You filled in the answer or keyword for a confirmation question like this when you first registered the e-mail account.

Through Facebook, a cracker can easily trick you. He pretends to apply as your friend, then finds out your e-mail address. When he learns that you are using a free e-mail address, he starts inviting you to communicate. In one way or another he will dig up information that you should keep secret.

Once you provide the information needed to get through the lost-password procedure of the free e-mail service, the cracker will control your e-mail account. Then he will run the same procedure on your Facebook account, pretending to have forgotten the password, and try to hijack it.

Facebook will usually send a “temporary password” e-mail to your primary e-mail address, which unfortunately is already controlled by the cracker. So he easily takes over your Facebook account too. Once he changes your Facebook account password, you will be refused access to your own Facebook account.

A cracker who hijacks your Facebook account will usually use it for some evil purposes. The first is to impersonate you or falsify your identity with a view to defaming, vilifying and degrading your dignity as the real account owner. For example, he attacks your friends and does things they do not like, so that in the real world everyone becomes hostile to you without you knowing it.

The second is to fool your friends. There have been many reports abroad and also in Indonesia of people being asked by old friends on Facebook to send some money for various reasons; the classic ones are claiming to have been robbed, or being unable to withdraw money over the weekend to pay for treatment, etc. Or they are invited to trade something, when in fact the Facebook account has been hijacked by someone else.

* Prevention Tips *

1. Do not readily accept friend requests from people you do not know, especially those with whom you have no mutual friends.

2. You always have the opportunity to check with a friend who appears as a mutual friend of the person asking for friendship. That is one of the reasons Facebook displays mutual friend information, so you can verify it first. If your friend vouches for and confirms the validity of the prospective friend, then the “proposal” can be considered for acceptance.

3. Another way to confirm a friend request is to send a message to the person concerned. Through this communication you can ask who he really is (often the account name displayed is a nickname or alias that does not help you remember who the prospective friend is) and make other necessary confirmations. For example, communicating offline (by telephone), meeting online by webcam or even meeting offline are other ways to confirm the validity of prospective friends.

4. Do not be hasty, and be careful about sharing personal information that at first glance does not seem important but is in fact the key to breaking into your e-mail account. Questions that seem to show enthusiasm for the same things (pets, favorite tourist attractions, stories about family, putting up a photo album of certain events, etc.) can accidentally expose personal information that you should keep secret.

5. You may unknowingly expose information that should be confidential in your profile, or in the captions in your photo album. For example, writing the name of your beloved animal just below its picture (there are even people who make a Facebook account specifically for their pets, complete with a full profile), or posting a photo and mentioning the honeymoon location, and/or tagging family photos (including your favorite uncle), etc. Various accidental things like that.

6. Be careful and think over and over about the possible benefits and disadvantages of displaying personal information on the info page of your Facebook account. You have the choice not to write that information, for example about a pet; if anyone really wants to know, they can ask you personally through the message facility. You can also choose settings that limit other people’s access to certain information on your Facebook account. For example, you can hide e-mail addresses. Take advantage of these Facebook account security settings as much as possible, and think them through.

7. As far as possible, avoid using free e-mail services for your Facebook account. Use a local e-mail account, for example one provided by your office (if private use is allowed), rent an e-mail account from an ISP (actually cheap or even free if you become an ISP customer), or create your own private domain and ask a hosting service to set it up if you don’t have the technical skills yourself. In essence, a local or self-owned e-mail account is safer against this social engineering technique, mainly because the procedure for confirming lost passwords or handling a compromise is usually done manually with offline identification techniques, not by automated systems that use overly simple security algorithms, as with free e-mail services.

8. Always add a secondary e-mail address to your Facebook account and also to the free e-mail account that you use, if you really have no choice but to use such a service. Hide your secondary e-mail address and never show it to anyone for any reason. And periodically change all of your passwords according to security recommendations, such as using a combination of letters, numbers and special characters and a password length of at least 6 or 8 characters that is difficult for others to guess; if it is difficult to memorize, do not keep the notes in an easily known place. Or use a password management application to help you. There are many free ones.

9. Although it’s not uncommon, for security’s sake, back up your friend list data: important information such as the account profile name, Facebook page URL, e-mail address and telephone number (if any). Then if something happens you can immediately send a warning, for example via e-mail, and it will be useful if you open a new Facebook account and have to add your friend list again one by one. Backing up is a bit troublesome but it’s important.

10. If your Facebook account has already been hijacked, you can do 4 things.

1. First, warn everyone that your account has been hijacked. You can do this through various channels such as e-mail, telephone, mailing lists, chat, blogs, etc., in order to prevent other people, your friends and the family on your friend list, from becoming victims of fraud, for example.

2. Second, it’s worth trying as soon as possible (you are racing the hijacker before he changes your primary and secondary e-mail addresses) to get your account back through the forgotten or lost password procedure. If successful, immediately change your e-mail address and password, and hide it by changing your account security settings. Do not rush to log out, to prevent the hijacker from trying to take it over again. And don’t log out until you have successfully changed your primary and secondary e-mail addresses and filled in new passwords while applying more closed security settings (protecting / hiding your e-mail address).

3. Third, report to the Facebook security team that your account has been hacked; the address is: or, if the link has changed, you can look for it on the HELP page. You will be asked to fill in a form, and then there will be a correspondence with the Facebook security team, who will try to confirm the truth of your report, and if all goes well, maybe your account can be returned. But make sure that before reporting, you already have a new and safe e-mail address.

4. Fourth, if all attempts to restore your account fail, then immediately open a new Facebook account, secure its information so that it is not hijacked again, and add all your friends (hopefully you made a backup). Then invite them all to report your old hijacked account together, as an account that commits abuse, fraud, compromise and impersonation, so that it will later be closed or blocked by Facebook.

Finally, do not use the same e-mail address, username and password for all the online services that you use. Always keep your knowledge of the security issues of social networking services up to date, and be vigilant when active in cyberspace.
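
A self-audit for tips 4 to 6, as an added example that is not part of the original article: the Python code below checks whether the answers to your e-mail confirmation questions appear in text you have made public. The questions are the ones quoted above; the answers, the profile items and the function names are constructed for illustration.

```python
import re
import unicodedata

def normalize(text):
    """Lower-case, strip accents and punctuation so 'Lake-Toba' matches 'lake toba'."""
    text = unicodedata.normalize("NFKD", text)
    text = "".join(c for c in text if not unicodedata.combining(c))
    return re.sub(r"[^a-z0-9]+", " ", text.lower()).strip()

def find_exposed_answers(recovery_answers, public_items):
    """Return [(question, item_label)] for every answer found in public text.

    recovery_answers: {question: answer} as registered with the e-mail service
    public_items:     {label: text} of info-page fields, captions, tags
    """
    findings = []
    for question, answer in recovery_answers.items():
        needle = normalize(answer)
        if not needle:
            continue  # an empty answer cannot be matched meaningfully
        # Whole-word match only, so a short answer does not fire inside longer words.
        pattern = re.compile(r"(?<![a-z0-9])" + re.escape(needle) + r"(?![a-z0-9])")
        for label, text in public_items.items():
            if pattern.search(normalize(text)):
                findings.append((question, label))
    return findings

# Constructed sample data (assumption): not taken from any real account.
SAMPLE_ANSWERS = {
    "Where is your honeymoon?": "Lake Toba",
    "What is the name of your first pet?": "Mochi",
    "What is your favorite uncle or aunt's name?": "Hendra",
}
SAMPLE_PUBLIC = {
    "photo caption": "MOCHI, my first cat, asleep on the sofa",
    "album title": "Honeymoon at Lake-Toba, 2009",
    "info page: hometown": "Bandung",
}

if __name__ == "__main__":
    for question, label in find_exposed_answers(SAMPLE_ANSWERS, SAMPLE_PUBLIC):
        print(f"'{question}' is answered publicly in: {label}")
```

Each finding is a caption or field to remove or restrict, or a confirmation question whose answer should be changed.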

