This post was originally published on the Examiner.com
Hackers have about 800 million reasons to target Facebook. The social network’s colossal user base makes it a goldmine for data and personal information—it’s no wonder people would want to get a piece of it. But who exactly are the “bad guys” behind Facebook exploits? What do they get out of it, and more importantly, what happens to all the information that they collect?
Types of Hackers
Joseph Steinberg, CEO of Internet security company, Green Armor Solutions, classifies Facebook hackers into five types. For one, there are scammers that are looking for information that they can monetize, and there are also those who are just digging for data. Then there are what the industry calls “hactivists” that do it support a cause that they consider righteous. Additionally, foreign government spies may also attempt to exploit Facebook’s vulnerabilities (though Steinberg states that to date, these people “seem to be primarily focused on other areas”); and of course, there are those who do it simply to cause mischief (last month’s Facebook porn and violence exploit comes to mind).
Hackers have various intentions for doing it. Money is an obvious reason, but aside from that, Steinberg shares that some hackers collect “information that may be of use for other purposes, such as info about an ex-spouse that may be useful in a divorce or child-custody case.” In addition, Ben Thomas, VP of Product and Security at Backupify states that some people hack the social network for revenge or even mere curiosity.
Facebook hackers or scammers also have numerous “weapons of choice.” Thomas mentions that the most common types of attacks involve key loggers, social engineering, mobile phone attacks, phishing attacks, and exploiting unpatched web browsers.
Steinberg furthers that Facebook users with publicly viewable profiles are vulnerable to attacks because it “often indicates a person is not so security savvy, and is willing to share lots of info about themselves.”
To learn more about the different types of Facebook attacks, users should visit the social network’s Security Page.
The Markets for Stolen Data
Hackers that wish to monetize the data that they collected from Facebook can do so in a number of ways. Thomas shares that “accounts are resold on underground forums. Spammers buy these accounts to spam out links to affiliate offers, porn sites, and other products.” Account information, credit card numbers and user data are in demand in an after market, and can often be sold to the highest bidder.
However, not everyone who purchases stolen data actually knows that the information was illegally acquired. Thomas adds that there are times when “access to accounts is proxied and people are just buying clicks. Clicks can come from anywhere and these accounts are just serving as another ad network.”
What to Do Before or After an Attack
When it comes to a person’s health, doctors often say that “prevention is better than cure.” The same goes for the health of a Facebook account. According to Fred Wolens of Facebook Public Policy, in order to protect themselves, users should “never copy and paste an unknown code into the address bar.” He also recommends using an up-to-date browser, as well as flagging suspicious behavior or content on other accounts.”
On the other hand, users whose accounts were already hacked must be quick to remedy the situation. Aside from changing their password, Steinberg advices that they run Internet Security software to catch malware or junk that may have been left after the breach. Posting warnings and sending out messages to friends about the hack would also be helpful. Finally, Steinberg says that people should take it as a learning experience and not let it happen again. “The Internet is not a safe place, and Facebook is no different.”
Morevoer, according to Wolens, users who wish to re-secure their account if they think that they’ve been hacked can visit http://www.facebook.com/hacked.
Image credit: Global X on Flickr