Discorver How Social Media Accounts are Hacked with Phising

In the recent time, this and similar methods are some of the hacking tricks that Facebook users have been falling victim of. In Cyber Security, we call this method that these idiots are using PHISHING. It is a way of cloning an original website or a software to look just like original one whereas it is a fake one. It could be used for other than Facebook. It is used to hack people’s bank accounts, school account credentials and others portals or websites.
How to detect a PHISHING link;
– Master format of link to your specific app or website. Compare the one shared to you if you find a clear difference or slight difference, it is fake or cloned link built to hijack your account details. So, delete it immediately.
Original link:
Cloned/fake Facebook link:
(in this last example, take note, the difference is the FBOOK.COM , this implies that you are already visiting a different website/domain to Facebook but the criminal has confused you as a layman with the inclusion of Facebook.
Therefore, whenever you see a name followed by dot (.) before an actual domain extension (domain extension are .com, .org, .com.ng etc) That name followed by the domain name is called a subdomain on another website stylishly presented to you with a confusing similar name to what you would believe it was what you used know. The same could be done to Gmail, Yahoo, your website and others just in order to hijack your login access.
What’s the implication of accessing these cloned links?
1. You’ll be asked that you need to login to your account.
2. When you put in your details, it will not load up but you will think it is a technical error from the original website but the original website didn’t know anything about this cloned website. Once you put in your details, the hijacker has a mail attached to the login form on that fake page you are, once you click on LOGIN (or as the case may be) the details you’ve just entered will be delivered to the mail he attached to that form.
What will he do after that?
– He will use the just acquired details, e.g mail, phone number and password, to access your original account from the original website.
– He will change your password after accessing your account.
– He will update your credentials to his own and delete yours completely from the account.
– You’ve been just hacked.
– They send the same message your social media platforms used to send to you when you change your password, just the same text but the link that will be attached to it which is an hyperlink (a clickable text that does not show the link attached to it is hyperlink), e.g “Click here” , “enroll now”, “change your password” etc. If you notice, if you receive that type of mail, you’ll not see the link that’s redirecting you but you can confirm the link from your web address browser when you’ve landed on the page. Don’t worry at this juncture, you have not been hacked until you’ve put your details to the required field and clicked.
The question is, did you change password? No.
So, if they ask you to click on the link to update your password if you didn’t change any password, if it were you what will you do?
Yes, of course, you would click to update your password. That’s how you are hacked because the message was not sent to you by Facebook in the first place.
If you receive such message what ideally should you do?
– If you receive such message and you didn’t change any password, just delete and ignore the message.
– Now go to your Facebook (or as the case may be) account to change your password directly from that official platform or app because your exiting password might have been compromised.
So, look at links you visit properly before you leave of visit any link.
– Yūnus Olukodo,
Tags: No tags

One Response

Add a Comment

Your email address will not be published. Required fields are marked *