It seems not a day goes by without someone on the internet asking me how they can "recover" a password for a Facebook account that they can no longer access.
Some of them are more honest, and admit that they want to crack the password for someone else's Facebook account because of a feud, or to pull a practical joke, or to spy upon a boyfriend or girlfriend that they believe might be cheating on them.
Naturally, in any of these scenarios, I'm not going to help. Breaking into someone else's Facebook account without their permission is illegal, and if you have *genuinely* lost access to your own Facebook account and cannot recover your password through the usual processes, the best people to turn to are Facebook's support team.
But my unhelpful response isn't likely to stop determined Facebook hackers and snoopers from attempting to break into accounts - and some might turn to downloadable tools to help them break into accounts.
There are a number of websites online offering tools that claim they can find out Facebook passwords for you.
Here, for instance, is a site promoting Facebook Password Finder.
As ThreatTrack security researcher Chris Boyd explains, websites like this appear legitimate enough - with testimonials from happy customers, telephone support lines, thousands of positive ratings, and the promise of a free and quick password discovery.
There's even a video of "Mr Mark" saying how he used Facebook Password Finder to "hack into [his] cheating wife's Facebook account to find evidence of her cheating".
Other websites offering what appears to be a rebranded version of the same tool are more blunt about what they're offering - this isn't about finding a lost Facebook password, this is designed to help you hack into other people's Facebook accounts.
Hack Facebook Profile Passwords Today!
By using Facebook Hacker Pro, the free, easy to use & fast Facebook hacking tool!
Who said hacking a Facebook password is hard? Now with Facebook Hacker Pro, our free Facebook hacking tool, Facebook password hacking is easier than ever, all thanks to it's easy to use and learn interface that will guide you through the entire Facebook hacking process. Read on to find out how YOU can hack Facebook for free, today!
The tools offered by these sites appear to operate in the same way, asking you to enter the profile ID of the Facebook account for which you would like to grab the password.
Profile IDs of Facebook users are publicly available, so it sounds like it would be a doddle to crack the password of *any* Facebook user. Right?
Well, not quite. You see, the password-hacking tools claim to retrieve Facebook passwords that have been stored on the local computer. In other words, you should only be able to grab the Facebook passwords from people who have used the same computer that you are using the tool on.
That sounds like it would be an effective way to spy on your friends, or romantic partners that you may have suspicions about, if they let you install the software on the PC.
However, when ThreatTrack researcher Chris Boyd tested the tools he discovered that the tools offered much more than they delivered.
Boyd entered a nonsensical profile ID (not one that had ever used his computer), and yet the tool still claimed to have cracked the password, and demanded that he obtained an activation key to view the secret details.
Far from being free (as promised by their websites), the tools asked users to pay $29.99 to view the “Sponsor’s password recovery and management guide”.
Furthermore, some of the tools threaten to install irritating browser addons that could mess with your search engine results, display pop-up adverts and be a nuisance to extract from your computer. This is another way in which the scammers can earn money from your interest in Facebook hacking.
Remember - cybercriminals could take advantage of any hasty decisions you make regarding running unknown software on your computer designed to crack passwords. It's not inconceivable that they could even embed malware inside such tools, designed to spy on you and *your* online passwords.
You're a mug to try and hack into someone else's Facebook account, and risk ending up in trouble with the law. And you're even more of a mug if you hand over $29.99 to dubious websites that offer to crack the passwords for you.
You can learn more about these dodgy Facebook Password Finders in the ThreatTrack blog post on the subject.
If you are on Facebook, and want to be kept updated with news about security and privacy risks, and tips on how to protect yourself online, join the Graham Cluley Security News Facebook page.