Blog

February 25, 2021

My Facebook Hack Story

Around 6 pm on Monday 22nd, 2021, my Facebook account was hacked. In order to pay attention to family and to properly rest, I regularly go offline on weekdays from 5 pm to 11 pm. This may have been the reason I did not respond to my Instagram and Facebook notifications regarding an attempted login to my accounts. Around 6.30 pm, I got a call from a guy claiming to be a representative of the OAU Alumnus group. He was well informed about me and claimed that I was nominated to attend a virtual meeting via Facebook at 8 pm the same day. I politely declined due to my commitment to family time.

He seemed genuinely disappointed, then he said I will receive a 6-digit code on my phone which I am to read back to him so as to remove me from the meeting. Immediately, the text message came in and without thinking too much, I was reading it to him but my wife interjected and signaled me to stop reading the code. I guess it was too late though I stopped the call on the 5th number. My wife told me it was likely a fraudulent pursuit, but I disagreed since it had nothing to with the bank or money.

30 minutes later, I got a call from someone in the UK I had not conversed with for nearly 10 years. I was really happy to see his number with a sudden realization of how “busyness” has taken control of that part of my social life. After exchanging pleasantries, he informed me that my Facebook has been hacked. He attempted to walk me through the solution to regain it back, but it was too late, the perpetrator had logged me out of my Facebook and Instagram accounts, and he changed my email and phone number for both accounts. FYI, I log into my Instagram account with my Facebook profile (rookie mistake!!!).

You truly never know what you have until you lose it. Though I stopped uploading personal pictures, I have an archive of significant picture albums dating back to 2008 on my Facebook profile. Also, the only social network link which I have nearly 5000 friends from high school, undergraduate, postgraduate, former business partners, and past work colleagues is Facebook. Presently, the reason I regularly surf Facebook is My Project Management and Six Sigma professional groups and communities which I always enjoy. Last, but not least, is my Debit Card information which I previously buy Facebook ads for my business.

How can one property hold so much asset while gaining access to it requires just a string of text and numbers? I do not think I slept or ate that night as I combed the wormhole of the internet searching for a solution to this problem without any promising success. The level of details and precision, that the impostor that took over both my Facebook and Instagram account, may appear superior. In hindsight, comparing Facebook with other internet ecosystems, such as Apple and Google, their weak security protocol and the lackluster response strategy become apparent. For a security novice, I could easily see the holes in this tech giant’s safety system. 

In reaching this aforementioned conclusion, I attempted to be as impartial as possible using a mixture of empiricism and rationalism. The Facebook help center is fully automated, but it is as complicated as a maze. After following the right wizard for someone whose email and phone number have been altered on Facebook, you will always get to the same spot where you need to send a code to the imposter’s email address. I also populated a form as accurately as possible where I could report the hacker as an imposter but it kept giving me the error; “The user profile URL you provided is not valid”. My despondency increased when I visited the “hacked account recovery” section of the Facebook community page, I could not highlight a single success story.

Then I got an email from Quora regarding “Hacked Facebook Account Recovery” because it was one of the forums I previously visited for a solution. One particular author, who happens to be Nigerian, stood out with over 100K views but with few positive comments claiming that his solution worked. I decided to follow his solution step by step despite the fact that I had previously gone through it like twenty times and I knew the end result would be the same. I reached the point where he asked me to put my “old password”, which I populated with the aid of my browser password manager, and next, a familiar page with put in a “new email address” with which I always added my email address which always brings a page with “empty code number form”, however, the codes needed to fill the form have been sent to the Hackers email.

It suddenly occurred to me, instead of filling the page of “new email address” with my email address, why not use a totally virgin email address that the system does not recognize. I place my business email and voila!!! The page that came next was not the usual “empty code number form” page but a new page asking me to identify myself with a government ID card. All the tools I need were just in my vicinity including a webcam, bright light, and my driver’s license. After successfully capturing the ID card, I got a message that they will get back to me in 24 hours after validating my ID. I was just too glad I was able to send a successful message to a human. Well, was I wrong on the human part because 2 minutes later, I got an email in my business email account telling me I should follow a link to claim back my account?

I followed the wizard, adding contacts that were removed by the hacker, removing posts that were posted by the hacker, and removing comments that were in response to the hacker’s post. I could not believe it; my Facebook account was here in all its glory. Immediately I wrote a “Thank you” on my feed to the numerous friends that contacted me through various other platforms concerning the “hacking”. Then I went to my setting platform, added a Two-Factor Authentication using text messages and Google Authenticator App, added my personal email for notifications, transferred all copies of my photo information to my Google photos, and I checked my Ad Manager section and realize that no Ad was running. I finally slept well…

Inspiration Link: https://www.quora.com/How-do-I-recover-a-hacked-Facebook-account-1

Blogging Blog
About Dipo Tepede

I am a Project Management coach. I specialize in making delegates pass any Project Management certification at first try. I successfully achieve this fit through practical application of the knowledge and integration of our Project Management eLearning school at www.pmtutor.org. Welcome to my world.....