5 common mistakes that give crooks access to Facebook accounts

Unfortunately, having a strong password to keep the bad guys out of your Facebook account isn’t the only thing users need to be aware of. Our Facebook accounts are a treasure trove of information about us, and cyber crooks would relish the chance of gaining access to them. Not only because they can access our information contained within, but because it also affords them the ability to pretend to be us in order to reach out to and scam our Facebook friends.

Many of the tricks crooks use to lure us into handing over control of our Facebook accounts have been around for a long time. Yet they still work because users are still making the same old common mistakes with their account security.

We describe some of these mistakes to help you avoid being a victim.

1. Clicking phishing links and entering login information

One of the most common mistakes Facebook users still make is falling for a phishing scam. This happens when a Facebook user clicks a link in a message or email claiming to be from Facebook, and that link leads to a webpage asking the user to log in to their account. However, that webpage won’t belong to Facebook, and the information entered into it – namely the username and password – is sent straight to a crook.

This scam relies on something called social engineering. That’s the trick the crooks use to bait a user into clicking the link and entering their login information in the first place. For example, the message or email may claim that the user’s account may be disabled unless they confirm their information by clicking the link.

Remember, be sceptical of messages that claim to be from Facebook. Always check the web address of a Facebook login page to see if it actually belongs to Facebook. And consider enabling two factor authentication, meaning a password isn’t the only thing a crook needs to access your account.
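What "check the web address" means in practice is shown in the added example below, which is not part of the original article. It assumes facebook.com is the only domain to treat as genuine, and every sample link is constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: only facebook.com and its subdomains are genuine.
TRUSTED_DOMAIN = "facebook.com"


def belongs_to_facebook(url: str) -> bool:
    """True only for an HTTPS link whose host is facebook.com or a subdomain of it."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # hostname is already lower-cased
    except ValueError:
        return False  # malformed address: treat as untrusted
    if parts.scheme != "https":
        return False
    # Compare the END of the host name. The part before "@" and any text that
    # merely starts with "facebook.com" say nothing about who owns the site.
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


# Constructed sample links (the .example hosts are placeholders, not real sites).
SAMPLES = [
    "https://www.facebook.com/login",                      # genuine
    "https://m.facebook.com/",                             # genuine subdomain
    "http://www.facebook.com/login",                       # not HTTPS
    "https://facebook.com.account-verify.example/login",   # real host is *.example
    "https://facebook.com@login-help.example/",            # text before "@" is not the host
    "https://notfacebook.com/login",                       # different domain, same ending letters
    "https://faceb00k.example/login",                      # lookalike spelling
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict = "belongs to Facebook" if belongs_to_facebook(link) else "NOT Facebook"
        print(f"{verdict:20} {link}")
```

A password manager's autofill makes the same kind of host comparison, which is why it will not offer a saved Facebook password on a lookalike page.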

2. Using the same email and password across multiple accounts

It’s not just you who can fall victim to a cyber-attack. The companies you have online accounts with can as well. And if the consequence of such an attack means a crook now has access to your username, email and password, then this means they can access that account.

Now, if the company that got attacked is worth their salt, they’ll reset your password straight away and invite you to create a new one. But if you’re reusing the same passwords across different accounts, your problems are not over. That’s because crooks know that so many people reuse the same credentials, meaning they will try your stolen credentials in different accounts to see if you’re reusing them – and yes, that includes Facebook.

The solution to this is simple: don’t reuse passwords! And again, two factor authentication switched on (for all accounts that support this) is an effective way of not falling victim to this attack.


3. Using public computers

Using your online accounts such as your Facebook account on a public computer is a dangerous endeavour. Malware such as keyloggers can be installed on these computers which can log usernames and passwords and transmit that data straight to cyber crooks.

Keyloggers can also install themselves on your own devices, of course. This is why we always recommend using good security software and running frequent virus scans. Our recommendations on security software can be seen here.

4. Not being careful with your email login details

If crooks gain access to your email, they can use that to hijack more accounts by using the “forgotten password” feature that many accounts offer, such as Facebook.

The password to your email is extremely important, so as with the above points, make sure you don’t fall for a phishing scam and don’t reuse the same password. Also make sure it is strong with lots of characters and some numbers, avoid entering it into shared public computers or public Wi-Fi, and don’t give it to anyone else!


5. Not enabling Two Factor Authentication

Two Factor Authentication (2FA) is a vital security step that most users still don’t take. That’s possibly because many users think it means having to hand over their phone number to Facebook – it doesn’t!

2FA means an extra piece of information is needed to access a Facebook account, not just the password. This could be a PIN code sent to your phone, or it could mean a PIN code generated by an app on your phone (so no need to hand over your phone number!) We have more information on enabling 2FA for Facebook here.
