Skip to main content

How to protect your Facebook from Isis: The tricks Daesh uses to hack accounts and spread propaganda

An Isis supporter's Facebook account
Facebook might have protections in place to remove and prevent terrorists from spreading messages, images and videos on the social network, but Islamic State (Isis) has been employing a Whack-a-Mole approach, whereby for every account that Facebook removes, more immediately pop up. Inevitably there is the risk that some will get through.

As previously mentioned in our February investigation into arms dealers using Facebook to sell and trade weapons with users across the Middle East and Africa, Facebook is struggling to detect and remove every account relating to IS as users often hide pages and profiles by giving them Arabic titles.
You would think that it would be very hard to hack into a Facebook account, unless you were willing to play the long game and set up a phishing attack whereby internet users click on malicious links in emails and are tricked into entering their Facebook login details, but no, IS has found another way.
According to Ghost Security Group (GSG), a non-profit organisation of people who analyse information relating to Isis on social media platforms to track potential terrorist activities, Isis supporters are hijacking Facebook accounts by looking for accounts that have been set up using a defunct email address.

How Isis hacks Facebook accounts

"Many people use disposable email addresses to create these Facebook accounts. After a period of inactivity, the email provider assumes you are no longer using the account and free up the name to be given to someone else. So if I make rr@disposableemail.com and then don't use it for a long time, if someone else decides they want to use rr@disposablemail.com, they will say it's available," GSG's tech lead Raijin told IBTimes UK.
"Now if I had used that email to register a Facebook account, but now the email address belongs to someone else, if that person went to Facebook and said: 'I forgot my password and my email address is rr@disposableemail.com', Facebook will send that guy my password reset link. He clicks the link and he now is inside my FB account."
So what do Isis supporters want with someone else's Facebook account? Simple – every user on Facebook has their own personal network of friends, family, neighbours, school friends and colleagues, and they can only see content from those users on their newsfeeds, unlike Twitter, where Isis propaganda runs rampant.
If extremists want to stand a chance of converting more people to support their cause, then they somehow need to access these networks, and what better way to do it then appropriate someone else's Facebook account, change the profile picture and banner image to Isis imagery and post extremist content to share with the user's network.

Creating multiple Facebook accounts in minutes

Instructions on making Facebook accounts quickly
But that's still a pretty time-consuming task, and Raijin says that this method is only likely to be done by people who don't have a job, as many of these hackers have presented themselves as a "childish immature group of script kiddies".
IBTimes UK has been investigating Isis channels on the encrypted messenger app Telegram and we have observed Isis supporters teaching other users how to create multiple Facebook accounts quickly, so that they can help extremists' Facebook posts become more prominent on the social network by liking and commenting on the posts.
In one of the Isis channels on Telegram, we saw supporters post a link to a page on the JustPaste.it text-sharing website, advising users to go to a website called 10 Minute Mail that issues users with a free temporary email address that self-destructs in 10 minutes. We assume that this website was set up for privacy and to aid IT professionals testing databases, but it has been appropriated for spam and propaganda purposes as well.
The 10-minute time frame is just long enough for users to register for accounts on websites, receive a confirmation email (which comes through on the website) and click on the link to confirm the account, and it means that even if Facebook closes down an Isis user's account, they can start a new one almost immediately and propagate it again with extremist content. This same technique is also used on Twitter.

Comments

Post a Comment

Popular posts from this blog

72-year-old woman gives birth to her first child

It said Daljinder Kaur gave birth to a baby boy at a fertility clinic in the northern Indian state of Haryana, following two years of in vitro fertilisation (IVF) treatment. The report noted that though Kaur doesn’t possess any official paper to justify her age, but doctors at the hospital have registered her age as 72 years. It noted that if Kaur’s age is correct, that makes her one of the world’s oldest woman to become mother. 
Post a Comment
Read more

15 QUESTIONS TO DISCOVER YOUR PURPOSE PT. 1

I believe that we were all sent here for a reason and that we all have significance in the world. I genuinely feel that we are all blessed with unique gifts. The expression of our gifts contributes to a cause greater than us.
Post a Comment
Read more

Musa Gowon: Son of former ruler Yakubu Gowon to return to Nigeria after 22 years in US prison

The son of former Nigerian military head of state Yakubu Gowon is due to return to Nigeria after spending 22 years in a US prison after being convicted on drug-related charges. It is believed Musa Gowon was released from the Taft Correctional Facility Bakersfield, California, after US President Barack Obama granted him pardon earlier in November.
Post a Comment
Read more