Question from Elaine: Every day we hear about Facebook being hacked and it seems like my friends are getting hacked all the time.
Why is Facebook so easy to hack? You’d think they could afford to provide better security.
Rick’s answer: That’s a great question, Elaine, and my answer is this: Facebook isn’t anywhere near as easy to hack as most people think it is.
Allow me to explain…
While there are reports of “hacks” on Facebook all the time, most of the incidents reported aren’t really true hacks.
Take for instance the account cloning scam that’s been spreading all over Facebook for a good while now.
Fake accounts that mimic a user’s real account are being set up to trick that user’s friends into accepting a friend request from the fake account, thinking the new account was actually created by their friend.
In reality, a scammer can “clone” a Facebook account without ever having login access to that account.
All a scammer needs to do in order to clone an account is open a new account and then use the information and photos that are publicly available on the real account to populate the new fake one. No hacking takes place at all, just a simple copy and paste.
Another common situation that can make an account appear to be hacked when it really isn’t is when one or more rogue apps are enabled.
A rogue app is any app that does malicious things, such as using your account to send spam and/or malware to your Facebook friends in instant messages or via posts that show up in their newsfeeds.
As explained in this post, rogue apps often start off as legitimate apps but are altered later to become malicious.
Other rogue apps are malicious from day one but somehow manage to make it past Facebook’s review/approval process anyway.
All of the above being said, some scammers do manage to find ways to log in to someone else’s Facebook account, but even many of those compromised accounts aren’t really “hacked”.
Most apparent “hacks” are the result of a user responding to a phishing email or some other social engineering ploy designed to trick the user into revealing his/her password. In cases like this, the “hacks” aren’t the result of a security flaw in Facebook’s software. They are actually the result of trickery on the part of the hacker.
I’m not saying that Facebook accounts never really get hacked, because they do. I’m merely saying that true hacks are relatively few and far between.
The tips mentioned in this post can help prevent your own Facebook account from getting hacked or otherwise compromised by a scammer.
And here’s my most important tip of all: Enabling Two-Factor Authentication on your account will lock it down tight and prevent others from logging into it even if they have your password!
Bottom line: While it can appear that Facebook is getting hacked almost non-stop, in reality true hacks are quite rare because the Facebook website and app are actually quite secure.
Update from Elaine: That makes sense, Rick. Thanks for taking the time to explain it in such detail.