How to steal facebook accounts?

Catchy title huh?

Well, I am going to tell you how to do that, but first let me explain to you about what we call “phishing” yeah with a”ph” and not an “f” as fishing the fish! 😛

Okay, as Wikipedia puts it:

“Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.”

In simple terms, it is to trick user into going to a fake website that looks like a genuine website, and have him/her submit hir* username/password to that fake website.

As a live example, the website: http://www.faceilbook.com is a phishing website where you are tricked to believe that this site is facebook. Now look closely:

1. That website is not facebook, it is f a c e i L b o o k . c o m
Notice the “i” and “L” introduced in the name. These are tricky characters that are not easily seen in the URL.
2. Notice the domain name WHOIS information of this website:

http://whois.domaintools.com/faceilbook.com

It the domain name was registered by a Chinese person.

3. Notice the source code of that fake website, it will redirect you to the profile:
http://www.facebook.com/profile.php?id=81014163 after you give away your username/password.

It looks like “Carl Cachia” is somehow involved in this scam.

My advise to you:

1. Never to click any URL or address you are given, even by the trusted ones, without making sure that the website looks okay or not (as I explained above). Your trusted friend might be infected by a virus which sends this fake website automatically.

2. Always doubt when you click on a URL and you suddenly find yourself being asked to enter your username and password

3. In case of doubt, enter a wrong username/password and see if the website reacts normally.

That’s all for now, hope you got informed!

Take care,
Elias