If you have ever desired to hack the Facebook account of friends or family members, don’t worry, you are not alone, as this is one of the top inquiries requested by users in search engines. And the answer is not easy to find. That being said, researchers have found that it is possible to do, with merely a phone number, and a little bit of hacker skill.
Due to security weaknesses on the global telecom network, Signaling System Number 7 (SS7), all social media and email accounts in which you have provided your telephone number are at risk of being hacked. This includes not only Facebook, but Gmail, Twitter, and any other site that asks you for a recovery number.
The SS7 network is popular because it gives telecommunication companies around the world the ability to exchange necessary data with each other, such as roaming, SMSs and billing. It is used by close to 1000 global telecommunication operators.
This ability to exchange information is both SS7s strength and its weakness. This vulnerability was discovered by the German Security Research Labs in 2014. And although its encryption system is the most advanced in the cellular network industry, it is still easily violated because the network does not have the ability to discriminate messages based on their origins. What this essentially means is that the hackers out there who have nefarious intentions can not only spy on the target victims’ phone calls, but they can divert text messages to their own device, as well.
Here’s How Facebook is hacked:
- The hacker clicks on the “Forgot account?” link on the Facebook.com homepage.
- When asked to provide a phone number or email address, the hacker provides the victim’s actual number.
- The SMS containing a one-time passcode (OTP) is sent to the culprit’s device
- The hacker is now able to login to their target’s Facebook account.
It does not appear that this loop will be closed anytime soon; however, there are steps YOU can take that will make your account more secure:
- Always use two-factor authentication (TFA), but link it to your email as opposed to SMS text messages.
- As with TFA, opt to rely only on your email address to recover your social media passwords.
- Rather than using the text and calling apps that come standard on your phone, use apps with “end-to-end” encryption; it will actually encrypt all of your data before it leaves your phone.