I’ve always had a penchant for finding flaws within supposedly secure systems. Those sort of activities got me into a lot of trouble in high school, and certainly banned from the high school computer lab once or twice. Early last year I decided to join Facebook, and in doing so, I learned an intriguing fact about this fast-growing social network: Facebook profiles are usually private. Figuring out how to view private Facebook profiles became a brief hobby of mine for a few months last year, so I’m going to share what I learned over those few months
Is It Possible to View Private Facebook Profiles?
I like Facebook - it’s a great social network that MakeUseOf has covered in detail, such as my last article on how to email mobile photos to Facebook, or Tim’s great article on how to “friend” someone on Facebook and hide it from your status updates. What I learned during my nightly hacking sessions is this - whatever sort of hack you uncover today, Facebook will have it patched tomorrow. Early on there were different methods how to view private Facebook profiles by typing a URL using just the right format and code, and inserting the person’s Facebook ID into the URL. However, every time one method worked, it only took Facebook a few weeks or less to patch up the hack.
Why would anyone want to spy into someone else’s private Facebook profile? If you think about it, there are lots of valid reasons.
Regardless your reason, whether moral or not - many people find that they have a need to peek into the private world of someone’s Facebook profile. Well, I’m here to tell you that there’s no easy way to “hack” into someone’s profile. Even if there was - it wouldn’t work long enough to be useful. However, thare are ways to work your way into someone’s private profile, but it takes a little bit of patience, and a lot of unique social engineering techniques.
How to View Private Facebook Profiles With Social Engineering
When I realized that it’s virtually impossible to peek into someone’s Facebook profile using my programming knowledge, I decided to borrow a chapter from the psychology class I took Freshman year in college. Social engineering is essentially the use of psychology to get someone to comply with your wishes. In this case, you want the person to grant you access to view their private Facebook account. Before you make things too complicated, the first and easiest way to access someone’s private Facebook profile is to simply send them a message and hope they reply.
Whenever you click on someone’s picture or name, whether it’s someone on your friends’ list of friends or search results from the Facebook database of users, you’ll find that you have three options to the right side of the person’s bio photo. You can either send them a request to add you as a friend, send them a message, or view their friends. Obviously the first option won’t help you much right now. However, you can use the second option, “send a message,” to work your way into the person’s private Facebook account. How does it work? Well, Facebook’s help section states that anyone who you add as a friend or send a message to “…will have temporary access to view a small portion of your profile. They will see Basic Info, Personal Info, Work Info, Education Info and Friends.”
1. Send them a message like, “Hey! We went to school together, do you remember me? I think we sat together in Geometry.”
2. They may respond with something like, “I don’t know who you are, get lost.”
3. You now have temporary access to view their profile.
The James Bond Approach to Accessing Private Facebook Profiles
If the person doesn’t reply to you, there’s still hope. This next approach makes use of of a form of social engineering called, “demand characteristics.” This is where you set up a group situation where the person adds you as a friend just to “go with the flow” because everyone else has. First, you need to create an identity that the person will recognize. Click “View Friends” in the bio preview box, and scroll through their friends to find someone who doesn’t have a profile picture loaded.
This person is someone who you know is a friend of your target, and the fact that they haven’t loaded an image means they may not use Facebook often and rarely keep in contact with your target. It also means that you can present youself to your target as this person, and they’ll never know the difference. You should also make note of at least 20 or so of the other friends on her list. Next, go to Facebook’s main page and sign up using the same exact name of the friend you found without an image.
Make sure to sign up with an anonymous email account. For help, check out the MakeUseOf review of MakeMeTheKing, or the review of noSPM. Once you get into this new “fake” Facebook account, ask the 20 friends of your target to add you as a friend.
Carefully add all twenty or so of your target’s friends to your friends list by using the approach above. Nine times out of ten, it’s human nature to assume that the message they’re receiving in Facebook is from the person they know, and they’ll always click “Add Friend.” Once you’ve accumulated a good list of mutual friends with your target, you’re ready to go in for the big win. Go back to that person’s profile on the search page, click “Add Friend,” and write one of the most convincing notes you can muster.
The reason you spent so much effort getting her friends to show up on your fake account before you contacted her was to make your “fake” account look far more convincing. She’ll see the number of mutual friends, the sincere plea for help, and just as group psychologists predict - she’ll “go with the flow” and add you as a friend just like everyone else did. The moment she does, you have access to her employment information, school information, photos and anything else she’s added to her account. With a bit of social engineering, you’ve gained the keys to her private Facebook profile. Well done.
Do you know of any other ways to view private Facebook profiles? Share your feedback in the comments section below.