It isn’t entirely unusual that Facebook  users receive friend requests from people they do not know. Often, those  friend requests are blindly accepted in an effort to grow the  friendship base. It seems that especially people with Facebook accounts  that are primarily used for marketing purposes are more likely to accept  friend requests from people they do not know than the typical Facebook  user does.
Such accounts could be hacked  easily, and there is no ingenious hacking talent required to do so: You  simply need to walk through Facebook’s passwork recovery process with  two other Facebook friends of a targeted account.
You can easily gain access to a your friends Facebook account through a collusion approach. You have to use Facebook’s password recovery feature, which is accessible through the “Forgot your password?” link on the Facebook login page.
Once identified the Friend, Facebook suggested to recover the password via the existing email address. However, you can bypass this hurdle by clicking the “No longer have access to these?” link. In that case, Facebook asks for a new email address. In the following step, Facebook presents the security question tied to the account. However, you can also to bypass the question by typing wrong answers three times in a row. After that, Facebook provides a rather surprising way to get your account back – via the support of three friends.
 1.  First, you select three friends “you trust”. These three friends then  receive a code, which is required to change the account password.
1.  First, you select three friends “you trust”. These three friends then  receive a code, which is required to change the account password.2. Select yourself and immediately received a code from  Facebook. With those three codes, you can easily change the password for  the targeted account.
3. The problem clearly is that three friends you do not  really know and cannot trust could potentially gain access to the victim  Facebook account – through the standard password recovery feature.
4. To bypass problem mentioned in step 3 .social engineering Create your own 2 more fake profiles and add the victim as a friend on facebook. Now get all the 3 codes and you are done.
NOTE: The targeted account will be locked for 24 hours after this password change and the user’s old email address receives a notification of the password change as well as the names of the three friends who were given the codes. However, if these are friends with fake names, it doesn’t quite matter that you now know their names.
NOTE: The targeted account will be locked for 24 hours after this password change and the user’s old email address receives a notification of the password change as well as the names of the three friends who were given the codes. However, if these are friends with fake names, it doesn’t quite matter that you now know their names.
Now if a Facebook user could in fact be in a situation when a  Facebook account is not checked within a 24-hour period, particularly  since we enjoy to flaunt our activities through Facebook status  messages. And if the account is checked frequently, the account depends  on Facebook’s response time, which can easily stretch to a number of  days.
 
0 comments:
Post a Comment