When a person is compromised, it can ruin their reputation and cost thousands of dollars in ad revenue. That’s exactly what happened to Dale Berry, the owner of an elementary school English academy in Japan who got his Facebook account compromised by scammers. Hackers used his account to display fraudulent ads, destroying his business and destroying his reputation.
The hackers initially targeted users with weak passwords like “qwerty” and “password.” Once they have access to an account, they look at the top five most popular friends and then impersonate one of them to ask for the password reset code. The hackers then make use of a security feature which allows people to add trusted contacts to their account in the event that they forget their password. They can request these trusted friends to send them the one-time code that will allow them access to the account.
Another method for hackers to gain access accounts is to buy stolen login information. Recently an inventory of 26 million Amazon, LinkedIn, and Facebook passwords were found available on the dark web. A large portion of them were leaked through custom Trojan malware that hacked into millions of Windows-based devices between the year 2018 through 2020.
Users can be protected from these attacks by checking that the address bar of their browser is Facebook and not a different website. It is also recommended to use a password that combines numbers spaces, letters and spaces and never duplicate the same password across other email or social media accounts. In addition they should be checking their activity alerts regularly. Twitter, for instance, sends out notifications when users sign into the account from a new location or device.