You always hear about people’s Facebook accounts getting hacked, and often see the consequences of it (constant event invites to random sales with dodgy links). However after working around social media for so long I always thought I’d seen it all, and wouldn’t be fooled like so many others before me. So when I got hacked and had a Facebook page with 25k followers stolen from me, I was left feeling like a true sucker. But I got it back, and actually found a friend in a guy who had taken me to hell and back, from a country I’d never even heard of.
It starts fairly typical of any hack story you’ll find on Yahoo! Answers or on the Facebook community boards. I woke up very early on Wednesday morning to check my pride and joy, a Facebook page I’d organically grown to 25k followers in the space of 2 months. However, I was on alert as I discovered the following message in my inbox, posted by “Facebook Pages”:
“Dear Facebook user, After reviewing your page activity, it was determined that you were in violation of our Terms of Service. Your account might be permanently suspended. If you think this is a mistake, please verify your account on the link below. This would indicate that your Page does not have a violation on our Terms of Service. We will immediately review your account activity, and we will notify you again via email. Verify your account at the link below:
**insert dodgy link here**
=============================== Thanks for being part of Facebook Community. “
I gave this a quick skim and believed it to be legit, partly because I was half asleep, and partly because I definitely had infringed copyright laws with a few of my posts. Looking back I should have noticed the grammatical errors or checked the profile that the message came from (which was a blatant fake) but nonetheless I clicked through to the link, which took me through to the page below.
Without thinking twice about it I entered my details, which directed me back to Facebook’s help page. I then messaged the phony “Facebook Pages” profile from my page to tell them that it was done, and that I was waiting to be reviewed. Feeling like I’d sorted the issue, I left the page and got ready for work, promising to check out how the review had gone before I left for the day.
After getting ready I went to log into my Facebook account but was having no luck. I tried my details again only to notice that it wasn’t my password that was incorrect, but my email address. In fact, it was saying that my email address was not registered with any Facebook account. I was perplexed but tried again, this time logging in with the email Facebook provides on default ([email protected]). This got me in, and it was at this point that I knew there were some serious issues.
Facebook had informed me that somebody in another region had tried to access my page. They’d done more than that.. this hacker had actually got complete access to my account, and proceeded to change the email address to a spammy looking Gmail account. Not only this, they’d posted porn images on a bunch of local pages from my account, sent several friend requests and, to my dismay, removed my admin status from my beloved Facebook page. I was freaking out majorly, and for a number of reasons. My page was a big deal, but the account was also linked to my credit card and PayPal accounts, not to mention the probability of getting temporarily banned for posting porn everywhere.
I messaged the page a few times and got ignored, posted to the wall and got banned, and after not hearing from Facebook support I’d pretty much conceded defeat. However before I gave up I thought I’d talk in a language we all understand:
Tom: I’ll pay you for the page back. Just name your price and I’ll pay it.
Success! No way was I prepared to pay that kind of money, but at least the hacker had recognised me. I just had to keep him talking, get him to understand what he’d put me through:
Tom: Sure, just send me your PayPal details. USD yeah?
Hacker: You can send me via westerunion or moneygram
Just the fact that they said ‘me’ seemed to change the conversation. This wasn’t a robot, there was real human being behind this, probably somebody who could be reasoned with.
Tom: Would you consider being a nice guy and just giving it back? I worked very hard on the page
Tom: You’re from Europe yes? What good is this page to you?
No response for 12 hours, it was time to bait him:
Tom: Just send me your details and we’ll make the arrangement. Money gram please
Hacker: i will send you details just in case
Hacker: you are a nice guy too but man i need some monney even if you don`t send me 1000$..at least 300$ talk to you later
Tom: Don’t we all need money. I was going to sell this page soon anyways.
Hacker: Can I trust you?
Tom: Trust me in what way?
Hacker: I actually post stuff on pages I get. But this seems that you really give much time on it.
Hacker: When can you send me the money?
Tom: I could do it immediately. But how can I ensure you’ll give me ownership back?
Hacker: You will have my word. First I make you editor. Add me and I’ll make you editor right now.
Next thing I see a friend request pop up from a name I won’t mention, but could barely pronounce. The display picture was of a pretty girl looking away from the camera. Considering their last status update was back in 2012 I concluded this was fake.
Hacker (now using fake profile): When should I post on your page? I will only post once a day
Tom: What’s your site? Let me have a look at your content
Once he sent through his site I knew that I was dealing with a pro hacker, but an amateur online marketer. It was poorly designed, had spelling and grammatical errors everywhere, and the fact that the visitor counter he’d installed was still in double digits was proof that it wasn’t doing too well. piratage facebook
He gave me back editor controls of my Facebook page (I could post but not do much else), which was a start, but I continued to go in with a soft approach:
Tom: Can you make a comedy post?(it’s a comedy fan page) Then we post that one first, and slowly just post all kinds of stuff
Hacker: I thought you had money:P. Lol.
Tom: What do you mean?
Hacker: I mean, I don’t really have the life you have.
Tom: Where are you from?
Pardon my ignorance, but I’d never heard of Kosovo before. I’ve barely travelled outside of Australia, and have never been to Europe. I quickly read up on it on Wikipedia to discover Kosovo’s brief history – it had only been a country as of 2008, when it had unilaterally declared independence from Serbia. According to Wikipedia Kosovo was known to be “Extremely vulnerable to organised crime and thus to money laundering”, so everything was starting to make sense.