How To View Private Facebook Profiles & Pictures
Everyone has been in a situation before where they wanted to see what people from their past were up to without truly making a connection with them. Maybe you want to see what your crush from high school is doing now that you’re in your 20s and out of college, or you’re curious what ever happened to your middle school bully. We’ve all had people that we wonder about from time to time when their names cross our minds, but it isn’t always as easy as pulling up their Facebook profile. Perhaps their profile is locked down, without a way to access their content, and you can only see their name and profile photo. And while adding a person is always an option, adding some people simply isn’t an option if you don’t already have a preexisting relationship with that person. there must be a way to gain access to a private profile on Facebook, but how?
To make matters worse for anyone looking to dive around Facebook’s privacy settings will likely find it difficult. Facebook’s been in a bit of a tough situation lately. Their privacy options have been called into question throughout 2018 after they were found to have let third-parties gain access to content they weren’t supposed to view. With Facebook in full damage control, the company has promised to make privacy setting even more difficult to circumvent It also means that any site that promises to allow you to view private information is likely going to break if it hasn’t already, leaving anyone looking for private information on secretive people without a solution.
So, what is there left to do? Well, in previous iterations of the site, you could actually manipulate a Facebook profile URL with the person’s name to see some of their timeline and images, though this exploit has long been fixed. Likewise, other exploits and cracks in Facebook’s armor, like the ability to use a Facebook graph URL to access private Facebook images or the option to use third-party tools to circumvent Facebook’s own privacy locks, have all been patched and sealed. And overall, this is a really good thing—you don’t want users to be able to see your own private Facebook feed, so it only makes sense that you cannot see other profiles. That said, if you absolutely need to view someone’s private Facebook profile, could there be a way? Certainly some sort of exploit or hack must exist, even in 2018.
The Long Game
While there may not be a technical exploit to bypass the security settings on a profile page in Facebook, this got me thinking about how you could view such a profile without having to deal with technical barriers. As someone who has worked in IT security for a long time, there’s one thing I know for sure: the weakest link in any cyber defense is usually human. That’s true when dealing with online security protocols, and that’s true when it comes to Facebook.
There are a few ways to play into the deception of your target, and neither one of them is particularly honest or virtuous. That said, if you really need to view someone’s profile when they refuse to allow you access, there are two ways to go about this. The first is to become fake friends with the target, impersonating another mutual individual to gain trust and grant yourself access to the person’s Facebook account. The second method is similar, instead claiming to be hacked and starting a new Facebook account. We’ll take a look at both options below, exploring how you could do each. Both require time and effort to accomplish, along with a little bit of detective work, and in general, some dishonest and morally questionable behavior.
If you’re interested in learning the science behind this method, we’ll be using the theory of triadic closure to collect new friends. This involves friending multiple people online in order to target one person specifically, by masquerading as someone with lots of mutual friends and acquaintances. Here’s how you do it.
Become a fake friend to view private Facebook profiles
To test our theory, I selected a man I went to college with as my subject. While studying, we hadn’t gotten along quite well, though I was friends with his sister at the time. For whatever reason, he’d blocked nearly every Facebook friend request I’d ever sent him, and I was never able to access his private profile. This wasn’t necessarily a big deal, but it does make him the perfect target to test our theory on. Obviously, I had the advantage of knowing where he went to school, as well as knowing plenty of people he went to school with. If you aren’t familiar with the person whose account you’re trying to access, you may need to utilize LinkedIn and Google to find any additional information on the person. Privacy is tough to manage, so find out who their friends are, where they went to school, where they work, and any other information you can about their life to complete a profile build from your knowledge.
Pick your target
Effectively, you’ll need to create a profile around someone who both you and the other person knew, while simultaneously not duplicating an existing account. For this, I selected our old computer science lecturer as my target. He didn’t have a Facebook profile that I could immediately find, and didn’t seem to have much of a social media presence at all on other networks. This is ideal for creating the perfect scam account. I began work creating a fake Facebook profile in the name of our old lecturer and added some images of the school, the city we attended college in, and some photos of old computer parts to complete the look of the profile. I also spent time adding timeline entries that sounded like what our old professor would post. To many people, this may seem like immoral or questionable behavior, and while it in many ways is, it’s one of those things you’ll have to do in order to perfect the con. All in all, it took me about a week to build out my new profile.
After this, I started sending out friend requests to as many people who I had gone to school with as possible. I also sent out requests to other IT specialists, industry leaders, and the kinds of people an IT teacher would be friends with on Facebook. All told, I sent out around 200 friend requests over a couple of weeks. Notably, I did not send a friend request to the subject.
There is a lot of risk here. The person whose life you are, essentially, imitating could be in contact with people you friend online. We recommend protecting your own personal information as much as possible by using a VPN to mask your IP address. Most of the users I requested friended me back on Facebook, and by the end of week two, I had 132 new friends.
Find the subject
Now, while I was logged in and masquerading as my old IT lecturer, I went through the friends lists of my new Facebook friends to send requests to the people they knew. Once more, I avoided sending a request to the actual subject I wanted to learn about. At the same time, I continued to create more false posts and filled out the persona to make it a little more believable that I was indeed the profile I had said I was. Though not every person that I’d friended had added me back—slightly less than half, all told—I still managed to gather an additional 60 friends.
Fork in the road
Finally, it was time to strike. I had a good collection of friends, some of which were mutual connection on Facebook with the target I had in mind. At this time, I had two options: I could either use the “Facebook three trusted friends hack,” where I try to repeat this twice more to get three friends, or I could directly approach the target to add him on Facebook. I chose the latter, which doesn’t necessarily constitute hacking. Instead, it’s more of a method of social engineering. It may not be condoned by Facebook—or even us, for that matter—but it does work.
With 183 friends on my account, more than two dozen timeline entries, and some IT-related news posts that directly reflected what I hoped our professor would’ve posted on their account, I finally sent a request to the person I’d been denied from on my own personal account. While I waited, I continued posting as the computer science professor, and continued to add occasional friends here and there. All efforts designed to strengthen the persona I had created online.
About a week later, the subject finally replied to my friend request, accepting me into their digital life. I could now view their entire profile, without having to worry about being caught. Once I had finished with my sleuthing, I deleted the professor’s Facebook account, so as to not leave any traces of my account behind. If you wish, you can always leave your account deactivated. This will allow you to only reactivate your account when you need to see a specific person’s profile.
The Hacked Friend
There was one other method we mentioned above, and that’s the “hacked friend” method, another way to bypass the security of your target by using social engineering and manipulation to your advantage. We won’t lie—this can be really risky, and for most people, you may want to steer clear of any dangerous online stunts that put you in the way of accidentally causing a scene among someone’s social clique. Likewise, if you aren’t comfortable with doing the above, you probably won’t want to commit to doing this. No matter how you feel about either of these guides, let’s take a look at how it’s done.
So, to perform this method, you’ll need to effectively find a friend of the subject you’re attempting to connect with online, and completely copy their profile word for word. This takes some serious work, as you find out information on who your subject is friends with. A little scanning of Facebook and your mutual friends list can determine some information for you, though it does take some serious time to search through all of the content. As you make your way through your target’s Facebook friends list, select someone whom they don’t seem to have a lot of connections with. This keep questions to a minimum between the two users, and will help stop you from getting caught in your scheme.
Once you’ve finished this, you’ll have to begin copying the entire profile. Everything from the profile image (which can be downloaded from their Facebook) to their profile detail of the person, from where they work to where they went to school. Build a complete recreation of their profile, then send the subject a friend request saying your account has been hacked and you’re rebuilding a new one. Like above, you may want to start by adding friends that you know will look convincing, in order to effectively recreate a profile. If you’re a blank account with no friends, they aren’t going to add you to their list.
Again, for security reasons, you may want to choose to deactivate the account after you’ve seen what you need to see from their Facebook profile. It’s not a good idea to have a complete copy of someone’s account directly linked to your name. Likewise, make sure you use a VPN to mask your IP address and identity online, so that if the real version of your account discovers you’ve cloned their profile, you can claim innocence. It’s a lot of work, but it’ll pay off in the long run.
To be very clear: neither myself nor TechJunkie as a whole suggest using social engineering to manipulate and trick someone into adding you and approving your friend request on Facebook, Instagram, or any other social network online. This is not just dangerous and time-consuming, but also possibly illegal, depending on where you reside and what laws protect your internet and identity use in your area. Even so, using the guide above essentially counts as “catfishing,” which brings up its fair share of legal and ethical quandaries anytime it’s mentioned.
Pretending to be someone you’re not, even if you don’t break a law, can cause irreparable harm to the feelings, emotions, and mental health of your target, and you should keep the social risk in mind when participating in an act like this. Still, if you’re looking to find information on someone who won’t allow you to view their profile, social engineering is your one way in. I’d recommend getting in and out, deleting the account when finished finding the piece of information you need. The longer you keep up a false account, the more likely someone will realize you aren’t really who you say you are.