Watch the video below to learn how to use our hacker
How to hack a Facebook account
How to hack a Facebook account or online Facebook hacker are some of the keywords that are searched for most these days. Throughout this (extremely long!) article, I will describe various methods on how a third party could have someones Facebook account password as well as how you can avoid getting your own Facebook account hacked.
I have been the head IT security for a major firm for a couple of years, and in private, people tend to ask a lot of the same questions:
- Do FB hacking software really exist?
- Where can I get a free online Facebook cracker?
- I have forgot my password. Do you know of a Facebook password finder?
- Can you teach me how to hack someones Facebook password?
Until we developed our patented Blue Portal Facebook Password Hacker, no tool existed that could hack a Facebook account automatically. A quick web search will show you that a lot of sites offer such services, however, I can guarantee you that our Facebook password hacker is the only working one.
Most of the other sites will either ask you to fill out a survey, or even make a payment to some foreign account. Even after doing this, you will still not receive an incorrect username and password since their Facebook hacker really does not work. All these fake services do is waste your time and money and for this reason, our FB password finder only asks you to make a payment once the account has actually been hacked successfully.
If you don't have any money, or simply want to learn how to hack a Facebook on your own then read on; in this article we will explain in detail exactly how to do that.
Before we get into too much detail, it is worth noting that the methods below are somewhat generic which means that they will work for any social media website such as Instagram, Twitter, LinkedIn, SnapChat etc.
One of the most common ways to hack not only Facebook passwords, but passwords in general is by phishing. Phishing is very popular, mainly because it is so easy to set up a phishing page. Furthermore, detecting a phishing attack is getting harder and harder despite the numerous safety efforts done by browsers such as Google Chrome and Mozilla Firefox. For example, complex schemes such as homograph phishing attacks are next to impossible to detect by browsers and users alike.
So... what is phishing?
This allows the phisher to steal usernames and passwords from the visitor once he tries to log onto the phishing site with his real credentials.
So, in order to hack specific persons Facebook page, you will first have to design a page that looks exactly like the login page at Facebook, but on a different domain name. For example, you could register the domain name facebook-login.com, facebo0k.com etc. Essentially any domain name that at a first glance looks like facebook.com will work. The whole point of phishing is that the user clicks the phishing link from an email, forum or another media without suspecting anything. He then enters his username and password which is saved in the hackers database. Once the victim clicks the log in button he is redirected to facebook.com and can simply log in again on the real site.
Some people learn better by a practical example:
A malicious hacker who want to hack Alex' Facebook account uploads a Facebook login page to his domain faceb00k.com. The hacker then sends Alex an email telling him that he needs to change his password. The email looks like a legitimate email coming from facebook.com so Alex happily clicks the link in the email that leads to the hackers' phishing page. Once Alex has entered his username and password it gets sent to the hackers email and he can now proceed to log into Alex FB account and do as he pleases.
Now, you might wonder how on earth Alex could have protected himself against the phishing attack. The main thing you can do is to never log into a page that was linked to. If you need to log into Facebook then manually type facebook.com in your browser. This way, you never expose your login details to the hacker since you never typed your username or password onto his site. Of course, this is very annoying in the long run however it is the best approach to protect your FB account against phishers.
You can also check the domain name of the URL to manually verify that the site is actually the one it pretends to be. This is generally a safe method as well, however advanced attacks such as homograph attacks will still fool you in this case.
Below, we have shown pictures of a couple of Facebook phishing sites, check them out and see if you can spot the differences between those and the real site.
Even though the above site has an SSL certificate, it is not authentic. People often confuse a site having an SSL certificate with it being authentic. Obtaining an SSL certificate these days is very easy as several services such as CloudFlare provide them completely free of charge.
While this URL does not contain HTTPS, it still looks very similar to the real Facebook domain.
This article is a work in progress, therefore we will gradually update it with new hacking methods so stay tuned.