POST TIME: 27 October, 2019 12:01:28 AM / LAST MODIFIED: 27 October, 2019 03:45:25 PM
Here’s what you should do if FB account hacked

Here’s what you should do if FB account hacked

How do you protect your identity on Facebook? This has become relevant at a time when identity theft on Facebook, the most popular social networking site in Bangladesh, is regularly brewing trouble. The problem has hit close to home in Bhola where four people were recently killed over a rumor spread from a hacked Facebook account.

According to the Bangladesh Telecommu­nication Regulatory Commission (BTRC), there are over 28 million active Facebook accounts in the country. There are 22 million active Facebook users in Dhaka alone, accounting for 1.1 per cent of the total monthly active users of the social networking site around the globe, says a study conducted by We Are Social and Hootsuit. Experts say Facebook accounts are not totally foolproof even with its latest set of privacy controls.

With 17.1 billion users per month, Facebook is the Internet’s busiest social networking site, which makes it a popular destination for hackers.

“Considering the amount of personal information on your account, it’s important to know how to protect it against hacking,” Md Assalatuzzaman, a cyber security expert, told The Independent.

He said most Facebook accounts are hacked by phishing. “This is when the hacker ‘fishes’ for your information by creating a portal that looks identical to Facebook’s main page. Next, they send out an email asking you to log in. If you enter your email and password, this information is automatically recorded by the hacker for future use.

This compromises youraccount.” Another popular way to hack a Facebook account is Keylogging. “Even a tech-savvy person can have a keylogging virus on their electronic device and not realise it. A keylogger program records everything that you type into your computer, tablet, or cell phone,” said Assalatuzzaman.

He also said the stolen information can include passwords, banking numbers, and other confidential data, which is transmitted to the hacker using TP or email.

A keylogging attack can easily result in identity theft, he added.

Assalatuzzaman, who is also the CEO of Prolific Analytics, said a stored password in Facebook creates another scope for hackers. “Your device’s stored password feature remembers your passwords, so you don’t have to log in. While this makes your life easier in the short-term, it’s not recommended for security reasons.”

Referring to a global study conducted by the CNET, Assalatuzzaman said around 80 per cent of Facebook users still store passwords in the device. “You need to think long-term because if someone hacks into your password manager, they’ll have no problem getting into your account using this saved information,” he added.

Moreover, if a person logs into Facebook on a public network, he/she should be wary of sidejacking. “During a sidejacking attack, the hacker steals your access to a website. This breach allows the hacker to impersonate you for the duration of your session. It’s also known as session hijacking or cookie hijacking as stolen cookies allow the hacker to break in,” he explained.

About the security cautions against Facebook hacking, the cyber security expert said a person should never leave his/her cell phone unattended, should not trust public networks, and always log out after using Facebook.

Talking with The Independent, Nazmul Islam, additional deputy commissioner of the cyber security unit of Dhaka Metropolitan Police (DMP), said if a person suspects that his/her account has been hacked, there are few simple ways to confirm it. “There is a simple way to check. Go to Facebook settings page. Now select security and log-in. A new menu will pop up.”

A list of all of the devices that the person has logged into and their locations will be popped up. If there is a login that is not being recognised, chances are that the account might have been hacked.  “If you see anything that isn’t you, click End Activity on the right side of the log to end the session. The hacker will be logged out temporarily,” said Nazmul.

“Once you click on End Activity, change your password right away. Next, get Facebook’s help. Facebook has a system to help you if you’ve been hacked,” he added.

Upon going into the Facebook Help page, the person should click on ‘I think my account was hacked or someone is using it without my permission’. Next, he/she should click on ‘secure it’. “Facebook will take you to a page where you log in and then go about the steps to secure your account,” said Nazmul.

He also said in case of sensitive issues as the Bhola incident, it is better to file a general diary in the local police station. If any allegation against the stolen account is made, the real holder of the account then could produce the GD to keep himself/herself from any legal tangles.