
Someone has discovered a scarily simple way of hacking into Facebook accounts

Picture: bombuscreative / iStock

A programmer has revealed that almost anyone can easily hack into your Facebook account, just by finding out one thing: any of your old phone numbers.

If you have forgotten your password, Facebook's account recovery system lets you get back into your account by giving your phone number - Facebook then texts a unique code to that number, which you use to regain access.

Unfortunately - if a hacker decides to buy your old number, a fairly simple task, they can use this same system to gain access to your profile.

Of course, this is only possible if you still have an old phone number linked to your account.

James Martindale wrote in a Medium post that, while Facebook will often remind you to link your account to your phone, it doesn't remind you to keep your contact details up to date.

Martindale tried this himself - and successfully hacked other people's accounts.

He got a new phone number, and when he put the sim card into his phone, he received a text from Facebook - even though he hadn't registered the phone number to his own account.

He wrote in his blog post:

I was curious. I knew Facebook by default lets people find your account with your phone number, so I typed the number into the search bar to see what came up.

He typed in a random password so he could access the password recovery option. It was then easy for him to get a code sent to his phone so he could log back in.

He explains how this method could be used in scams making loads of money, including selling the accounts on the black market, or just asking the hacked person's Facebook friends for money.

Read Martindale's full post here.
