![]() ![]() Thankfully, Facebook has our back and has made this probably the second easiest step, after using the area code. Now that I know my target's number is 202-?-?, I want to try and remove as many of those question marks as possible, making it easier to do a Facebook search later on. Some larger cities like Los Angeles will have multiple area codes within them, but no matter how many "split" area codes there are, it still greatly reduces the hacker's list of possible numbers. ![]() I took the educated guess that the Mayor of DC would have a DC area code, and a hacker could also look up the target's Facebook account and likely find a hometown or the current city the target lives in or works from. The last four digits of the phone number is the line number, in this case, 5678. This yet again removes a large number of phone numbers from the hacker's list. In area codes where the second digit is 1, the third can't also be 1. Again, the plan calls for 2–9 for the first digit and 0–9 for both the second and third digits, but with a caveat. The next three numbers after the area code in our example (235) are the central office prefix. By doing this, the hacker can remove a further 9 billion 990 million numbers from the list of potential guesses. The hacker can also quickly take advantage of this if they know or can take an educated guess at where you live, as it's as easy a Google search. That information right there eliminates one billion possible numbers from the hacker's list. Looking at the NANP, we can see that the first three numbers (234) are the area code, and the plan allows for 2–9 as the first digit and 0-9 for the second and third digits. Luckily for the hacker, he can cut this down thanks to the North American Numbering Plan (NANP) which lays out the guidelines for phone numbers in the US. If you think of a target's phone number as one of all the possible 10-digit US phone numbers, you can quickly see that 10 billion North American phone numbers it far too large a list to effectively search through. In the examples below, her number was changed to protect her real number. For a practice subject, I'll be using DC Mayor Muriel Bowser (2017) as a random city official. ![]() Clearly, this isn't very efficient, so let's see the right way of doing it. How would a hacker actually go about finding your number? In theory, if they had a lot of time, they could just search all 9,999,999,999 potential numbers until they stumbled upon yours. Armed with these, it's easy to make the target think the caller is legitimate.ĭon't Miss: How to Use Maltego to Research & Mine Data Like an Analyst Think of the classic " Microsoft tech support" scam, only the caller trying to trick you knows your name and intimate details of your personal life. Once a hacker has a phone number and your name, they can quickly use open-source intelligence (OSINT) tools that we've covered on Null Byte to grab further public data like occupation, employer, spouse, relationship, any other public info.Ī hacker could use the information to further social-engineering attacks by calling you directly. However, anyone could potentially have a cyberstalker or hacker target them. It has been around as long as the Facebook Graph search, but Facebook chooses to see this issue as a feature, as a letter received by Belgian researcher Inti De Ceukelaire shows.Ĭertainly, some people, such as celebrities and politicians, should be more concerned than others about revealing their private number online. The default privacy setting on Facebook allows anyone to search for you by your phone number once you add it. Facebook isn't allowed to simply extract your number from your phone, but they can do what I refer to as the "app equivalent of cyberbullying" by repeatedly asking you to confirm and save your number each time you launch Facebook. Many Facebook users may not even realize that their private phone number is connected to their Facebook account, having forgotten that they did so. We're going to look at how a hacker would do this and how to protect yourself. On the flipside, this makes it easy to reveal the private phone numbers of virtually anyone on Facebook, including celebrities and politicians. This isn't all bad since it can help secure your account with two-factor authentication. Facebook really wants your phone number, nagging you for one as soon as you join. ![]()
0 Comments
Leave a Reply. |