**URGENT** How To Prevent Your Facebook Account Getting Hacked…
Yesterday I received an email from a good friend of mine on Facebook to say that he'd just had his Facebook account hacked into and the hackers sent a message out to all his friends. (Neither of us has clicked on the link in the email so we aren't sure what the site is).
So, to his friends it looked like the message was coming from him and many people would have clicked the link.
Imagine the devastating effect that would have on your network marketing relationships… Make sure it doesn't happen to you.
I wanted to bring this information out to you as soon as possible to help protect you, so I've recorded a couple of videos…
Watch my first video to learn more about what's going on. Once you've watched the first video, watch the second video to learn how to protect yourself.
Here are the messages exchanged between myself and my friend… I've blurred his name out for Facebook privacy.


How To Protect Yourself.
Watch this video as I show you one of the methods I use to protect myself against this sort of thing.
Action Steps
1. Go to http://strongpasswordgenerator.com and change your Facebook password to a new password which is much stronger.
2. Generate yourself a new password using either 7 or 14 characters. (You can use symbols to be even more secure, or untick the box for an easier to remember password.)
3. Go to your Facebook account > Click on Settings > Account Settings > Password and change your password.
4. Remember your new password using Roboform or Firefox password manager, or search in Google for password managers.
I couldn't operate online without Roboform, Roboform2Go, GoodSync and Roboform online. I store all my passwords and usernames inside and I can protect it with a master password in case my computer gets stolen.
5. If you've followed the instructions in this post, click on the Re-Tweet button and pass it to your twitter friends, and add me a comment at the bottom so I know you've found it valuable or how I can improve it to help other people.
6. Share this post and video with your Facebook friends (just click on the share on Facebook button at the top of the post) so they can learn about this and change their passwords to something more secure.
Comments on **URGENT** How To Prevent Your Facebook Account Getting Hacked…
This is great and I love Robo form. I highly recommend using it. Thanks for this clear and precise training video.
Beverly
Gavin,
This is timely information for all Facebook users. I've been the victim of those attacks, as I clicked on a link that I assumed was from a friend. I've been paying for it ever since by receiving a large amount of "interesting" spam. I'll do myself, and my friends, a favor by taking your advice immediately! Thanks for walking us thru the process.
Thanks Becky and Beverly, much appreciated for your comments.
I've been finding out from a good friend of mine who will be commenting here soon, that this goes much deeper than just changing our passwords.
Make sure you read what Kimberly has to say as she is very savvy when it comes to this kind of thing.
Thanks again,
Gavin
Your idea is sound for basic, human-based account hacking tips. It will HELP. However, for the two most common Facebook hacks (of three going around atm) this will not work.
The first most common Facebook hack is actually phishing, where the user is sent an email that says a friend has left them a comment and log in to see it… which then gives them a link to a login page, that is fake. Roboform may or may not catch this because of the domain masking many are using. Since the site will visually look correct, many users assume that the auto-entry just failed and will manually enter their password, regardless of how secure, here. Assuming Roboform refuses to enter the password, and the user is KEEN enough to realize what's occurred, they could be protected, but this is a human variable that fails most of the time. If it didn't, they'd never have clicked the unusual Facebook link that was emailed to them in the first place. (Phishing is the approach most-often used to get banking logins from individuals.)
The second common form at this time is infected video links. These are nothing short of evil. When the link is clicked, in the "hand-off" process as you move from Facebook to the video site, as the flashplayer opens, your credentials are scraped by the code. Roboform can't stop this, strong passwords won't stop this, it's a pure-read of the password which is what makes it so difficult to stop. Then a video of some sort plays, and the user watches it, perhaps a little puzzled, or thinking it was cheesy, but essentially unaware they've just been stolen from.
The story of how we get to this point though is important. Someone (infected), usually a close friend, posted an infected video link either to the wall or to the inbox of the soon-to-be-infected person. A lot of these say "I saw what you did last weekend" or "Is this you?" or "check out this rockin' video" (something that is generic)… and it entices a user to follow it. These are links we might not normally follow, but because they come from a close friend, people's guard is down. These links all take you off-site (so far, currently I've seen no "filmed in facebook" infections, but are a possibility in the future), they're either youtube or a short-link, and they're stored somewhere else, but you don't know that till too late. In fact, most watch the video and never know it was a problem until 2 days or a week later, when their account goes nuts and starts spamming people!
Here is a little more technical information on one of the infected video variants:
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=212202208
shortlink: http://bit.ly/7KdwBM
Do you see how these links are terrible for those of us in networking using video that isn't dangerous?
Sadly we still have no good solution for these, except avoidance. It's why it's best for marketers to fully link their un-shortened link video, into Facebook, so it's obvious that it's at least a real video on the other end. Also, when you post a video, leave a "first comment" that is detailed enough that it has to be from you, this will prove you're not a virus bot. The best advice we can give is to advise our network never to click suspicious stuff – even if it comes from them – until you've asked about the suspicious link and been confident it came directly from a friend's hands.
When either of these hack types happen, usually the first advice is to log in as soon as possible and change your facebook passwords. That USUALLY does stop the issue in its tracks. However, in some other forms of hackery, a virus is suspected to be present, and a full review of your PC's health is in order. A good anti-virus, a good anti-spyware, and a good firewall should all be standard issue on any pc. Keep them up to date, running, and double-check that they're doing a good job often.
Thanks Gavin
I sent this to my FB ACC and I will send the info to the group also.
Theuns
Gavin, Thanks for the GREAT information. I changed my password immediately, sent a tweet out for you and shared your article on Facebook. Hopefully a lot of others will watch this and be spared the grief of having their account hacked!
All the best,
Darlene
Thanks for highlighting this issue for everyone. I have, so far, had 3 of these viruses and they have all followed a pattern.
They all contain a "lol" or a "rofl" and all say that there is "something that you need to see" Click on the link.
When you click on the link you are taken to a page that looks like an identical facebook login page (except it isn't a legit page – it is the hackers page).
Here is one of the ones that was sent to me
"LOL! someone showed me this video of you that they found, watch it rofl http://fyad.org/10….."
(Don't worry, Facebook have made this link safe now)
How the hackers get your password – encrypted or not, is that the person, thinking this is a legit page enters their password and BINGO…… they have your password. The rogue login page then just takes you back to your facebook profile. But damage done!! You have happily entered your password – new or old and the hackers can now compromise your account!!
So the important thing to look for with any link is what does it say in the address bar after the "http://". If facebook is not one of the first words in the address then it is probably a hacked page.
I have just created a video response to your video Gavin and added some information on how they actually work.
http://www.youtube.com/watch?v=EIou8xkKehM&feature=youtube_gdata
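The address-bar check discussed in the comments above, as an added example that is not part of the original post or its comments: it parses the link and compares the real hostname against facebook.com, which also flags addresses that merely begin with or contain the word "facebook". The trusted and shortener lists, the function names and the example.net / example.org links are assumptions constructed for illustration.

```javascript
// Added example: classify a link by its parsed hostname, not by how it looks.
// TRUSTED_DOMAINS and SHORTENERS are assumptions chosen for this illustration.
const TRUSTED_DOMAINS = ["facebook.com"];
const SHORTENERS = ["bit.ly"]; // the shortener that appears on this page

// True when host is the domain itself or a subdomain of it.
function hostMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

function classifyLink(link) {
  let url;
  try {
    url = new URL(link);
  } catch (e) {
    return "invalid";
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return "invalid";
  // url.hostname is lower-cased and excludes any "user@" prefix and the port.
  const host = url.hostname.replace(/\.$/, "");
  if (TRUSTED_DOMAINS.some((d) => hostMatches(host, d))) return "facebook";
  if (SHORTENERS.some((d) => hostMatches(host, d))) return "shortened";
  // "facebook" in the host or in the "user@" part, but a different real host.
  const decoy = (host + " " + url.username).toLowerCase();
  return decoy.includes("facebook") ? "lookalike" : "other-site";
}

// Constructed sample links (the example.net / example.org hosts are placeholders).
const SAMPLES = [
  "https://www.facebook.com/login.php",
  "http://facebook.com.login.example.net/login.php",
  "http://www.facebook.com@example.org/login.php",
  "http://facebook-login.example.net/",
  "http://bit.ly/7KdwBM",
  "http://www.youtube.com/watch?v=EIou8xkKehM",
];

// One "verdict<TAB>link" line per input link.
function report(links) {
  return links.map((l) => `${classifyLink(l)}\t${l}`).join("\n");
}

console.log(report(SAMPLES));
```

A "shortened" or "other-site" verdict only says the link leaves Facebook; it says nothing about whether the destination is safe.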
Brilliant feedback so far everyone… make sure you read Kimberly's comment above as it contains some very important information.
Also, take a look at Alix Martin's video above. Again, some more fantastic information to help protect us against the hackers…
@darlenedavis – Great to hear from you and excellent for changing your pw to something powerful.
@Theuns – Great to see you here as always…
If anyone else has any further information to add to this post, feel free to take part in the discussion. Record a video, share the link, get some publicity because this post is being looked at by A LOT of people.
Check out this old post I made also http://www.gavinmountford.com/blog/important-skype-virus-security-alert/ – Although there aren't many comments on this one, there are 25+ comments on the video in Facebook…
Hey Gavin I too had a friend drop off of facebook because hackers sent a message out to all her friends. I wasn't sure how to help her but this is great info. Thanks.
Gavin, just used this it is great. I have been using RoboForm for years, really a great tool.
Hi Gavin,
Thanks for the advice, just the other day I heard of a close friend of mine who had his account hacked in a similar way, this is becoming a more common problem, and it is great that you have highlighted this
@Kimberly Castleberry:
Kimberly…. I think between you me and Gavin we have pretty much covered it!! Great comment. Thanks
For password management I use Sticky Password manager. For me it is better than Roboform, because it is not delivered in a toolbar, but it is integrated and also it works with applications.
http://www.stickypassword.com
Hi Gavin,
I have just received another separate warning,
<<< !!!!!ATTENTION ATTENTION!!!!Someone is sending out a very cute screensaver of the Budweiser Frogs.
If you download it, you will lose everything! Your hard drive will crash DO NOT DOWNLOAD IT UNDER ANY CIRCUMSTANCES!
It just went into circulation yesterday. Please distribute this message. This is a new, very malicious virus and not many people know about it. This information was announced yesterday morning from Microsoft. Please share it with everyone that might access the Internet.
Once again, Pass This on Please
Thanks for this post Gavin and all you folks out there who shared your solutions. This one solves my problem on FB. I'll surely share this good news too.
Gavin,
Another great and insightful post. It's amazing but not surprising how easy it is for some to do more harm than good. You've outlined some good steps to take when protecting yourself online.
thanks for sharing your valuable information.
Ken Pickard
The Network Dad
I love facebooking. I also want to keep my account secure, but hackers like those made it difficult. Thanks for the post.
Thanks man, Precaution is always Better than cure.
Thanks for the heads up, Gavin. Since you seem quite attached to your cellphone (see: all photos on this site) beware of the ways that your password can be stolen from you through mobile devices.
You should have titled it "**URGENT** How To Prevent Your Facebook Account Getting Hacked (AGAIN!)…"
Thanks for the tips.
@Kimberly Castleberry:
Kimberly and others,
as a solution to the shortened links/urls problem, try my bookmarklet that replaces all shortened links on a web page with just one click.
Get it here: http://urlsniffer.info
Enjoy
Oleg
Wish I would have seen this a few months back. I lost my Facebook account with 3k fans last month. Anyway, will be taken care of in future and thanks for your great post