04/09/2021
Malicious tagging in facebook so there's a lot of people who are affected of this issue. In order to examine this attack i made my self a victim so that i can go through the process of the victims experience and analyze everything from it but i just use here a fake facebook account and i did it in a testing environment so i'm safe whatever may come.
So i got the link from video that has tagged to the victims facebook, ofcourse there a lot of boys out there that will click the link for more content regarding this. The hacker here is exploiting the man's weakness in order for them to click the link. so when i click the link there is fake facebook login so this is really a phishing site okay?the goal here of the hacker is for you to input your username and password in this website, once you done it then probably your facebook username and password will be send to the hacker's machine. So why this is spreading so much?so when your facebook account was already hacked then the hacker will use your facebook account to tag every facebook friend of yours and your friends of friends and so on and so forth. It's like a chain reaction so this kind of attack is part of what they call the post exploitation, where the hacker takes advantage of the compromise accounts based on their malicious purposes, so in here the malicious purpose of those hackers is to hack as many accounts as possible. So how do we secure ourselves to this kind of attack? Simple lng po, do not input your facebook username and password to non-facebook websites so check the url that can be found in the top of your browser is it really facebook.com ,if not then don't bother logging in your username and password just close it and for misconception, i think this is the most asked question For this kind of issue is it possible for us to get hacked by just clicking the facebook link? Ang answer ko is no and yes because just like i saw the phishing they can get your public ip address,your estimated location and if your gps is turned on then probably your exact location but not your fb password unless you input your username and password in the phishing link okay?however if the link contains a malware that automatically install itself in your device just like the ghost push and the shifty bug malware then probably still it cannot get your fb password but it can load a keylogger that can wait to input your fb username and password that's still resulting to compromise of your facebook account.
