When people say that their Facebook or Myspace "was hacked into"... what is the usual cause that led to the successful hacking?

Usually if it’s hacked, it’s by a friend. Sometimes friends tell each other a bit too much, most of the time friends stop liking each other and this password gets passed on to other people.

As far as it getting hacked by a random. Well, I’m not sure.

I’d go with security question answers as well.

I recently signed up on some site (I don’t even remember which) and the best security question was, “What is your oldest niece’s name?”. Well, any friend, family member, or facebook friend of mine knows the answer to that.

a lot of times people do something stupid like forget to log out on a public computer.

Phishing, if you’re talking about legitimate hacking. Usually, though, I think people just like throw the word hacking around even when it doesn’t accurately describe what’s happened. A friend logging into your FB account with a password you’ve entrusted to her (or a password she’s guessed randomly) isn’t really hacking.

The most common case in my experience is when siblings or friends get access to a person’s computer. Siblings especially. If the account is set to remain logged in, it’s not difficult to get on the computer and play with things.

Usually, it’s all in a bit of fun. To prevent it, I would recommend keeping your computer away from drunk friends, password-locking your computer account, and making sure you don’t annoy your younger brothers (that one was learned the hard way by yours truly).

It’s also easy enough to guess people’s passwords. One of my friends has a program that runs possible combinations of words and numbers to find passwords. That’s why a password is less “hackable” if it’s a random combinations of letters and numbers, and especially if you can include caps and lower-case letters.

My guess is the commonest reason is they’ve shared their password with a friend, and then fallen-out with the friend.

Not sure if this is true because its never happened to me, but i’ve heard in the past that certain spam links would send people to fake sign in pages where the hacker could get their info.

What @Jharty89 mentioned does happen. The easiest way to avoid this is ALWAYS look at the URL of the website you are at before signing in. If it doesn’t say facebook.com, don’t put in your information.