Showing posts with label Hack Facebook. Show all posts
Showing posts with label Hack Facebook. Show all posts

Friday, September 9, 2011

New Facebook Hacking Tool ~Stealing Facebook profile information

A new facebook hacking tool is released .  It can steal the information from victims like photos,friends list and other information.  Using that , an attacker is able to create fake profile page or they may get enough information to hack your accounts(security question).

Here is the full detail about the Tool:
Facebook Profile Dumper

This is for educational purpose only.  Prevent you from attackers.  Don't accept invitation from stranger. Even if you get request from your friends, verify whether it is real profile or fake.
Continue   Reading>>

Nicole's baby kicking video is a Facebook scam

There is new Facebook scam spreading .  The scam post:
AWESOME Video "Nicole's Baby Kicking - The Belly View - Unbelievable"
An amazing view of a baby kicking and moving his way out of the belly while at the beach.

There is, indeed, a real YouTube video of a heavily pregnant woman called Nicole, sunbathing on a beach. It was posted in May 2009 and has had over 3.5 million views so far.

The thing is, however, if you really want to watch the video: go to YouTube.

Don't click on the link being spread across Facebook. Because if you do, you are taken to a third-party website which insists you have to share the link with your Facebook friends before you can watch the video clip.

it was advertising the controversial Scientology organisation. One wonders if the scammers are earning revenue by driving traffic to the page.

You should always be suspicious of links like this being shared by your Facebook friends. The safest place to watch "viral" videos is on YouTube itself (and other established video websites such as Vimeo), or you could find yourself being asked to complete money-making surveys or imparting your personal information.

Tips from Nakedsecurity
Continue   Reading>>

Sunday, August 21, 2011

Advanced Tabnabbing -Phishing Attack simplified

What is Tabnabbing ? 
Tabnabbing is Phishing attack that simplifies the phishing.The attack's name was coined in early 2010 by Aza Raskin, a security researcher and design expert.  This will reload the inactive tabs with fake page .

How The Attack Works ?
  • A user navigates to your normal looking site.
  • A malicious code detect when the page has lost its focus and hasn’t been interacted with for a while.
  • Replace the favicon with the Gmail favicon, the title with “Gmail: Email from Google”, and the page with a Gmail login look-a-like. This can all be done with just a little bit of Javascript that takes place instantly.
  • As the user scans their many open tabs, the favicon and title act as a strong visual cue—memory is malleable and moldable and the user will most likely simply think they left a Gmail tab open. When they click back to the fake Gmail tab, they’ll see the standard Gmail login page, assume they’ve been logged out, and provide their credentials to log in. The attack preys on the perceived immutability of tabs.
  • After the user has entered their login information and you’ve sent it back to your server, you redirect them to Gmail. Because they were never logged out in the first place, it will appear as if the login was successful.

Targeted Attacks:

Using my CSS history miner you can detect which site a visitor uses and then attack that site (although this is no longer possible in Firefox betas). For example, you can detect if a visitor is a Facebook user, Citibank user, Twitter user, etc., and then switch the page to the appropriate login screen and favicon on demand.

Even more deviously, there are various methods to know whether a user is currently logged into a service. These methods range from timing attacks on image loads, to seeing where errors occur when you load an HTML webpage in a script tag*. Once you know what services a user is currently logged in to, the attack becomes even more effective.

You can make this attack even more effective by changing the copy: Instead of having just a login screen, you can mention that the session has timed out and the user needs to re-authenticate. This happens often on bank websites, which makes them even more susceptible to this kind of attack.

You can get this code from here:

How to protect yourself from this hack?
  • You can use a safe browser that uses anti-javascript plugins (Firefox with noscript). Note: Advanced Tabnabbing will work even javascript is not enabled. 
  • Check the url in the address bar.
  • If you got link in emails, enter the url in address bar instead of clickin it.
  • You can use some Anit Phishing add ons like(Don't Phish me,Netcraft,FirePhish) .

Continue   Reading>>

Saturday, August 20, 2011

Bikini-clad women and photo tags | Facebook scammers

I have explained about Facebook scamming in my previous posts.  Still people believe that "Facebook will provide Facebook visitors tracker".  If you believe also, please read this article.  This is not only for Facebook users but also for twitter users.

Continue   Reading>>

Saturday, August 13, 2011

Facebook Status Update With XFBML Injection-Facebook Hacking Tweaks

In my last post, i explained how to insert HTML button in faecbook status. Now we are going to see some other Facebook Tricks using XFBML Injection.
Login to your Facebook
Paste the one of following code in address bar and hit enter.
Press the Share button.  Now go to your profile.

Continue   Reading>>
Older Post Home

© Break The Security. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com