Help, my Facebook account’s been hacked — can you help me unhack it?

Barbara Chaiken’s Facebook account is hacked, and the bad guys are asking all her friends for money. Is there any way to stop this?

Question: I was hacked a year ago and everyone on my Facebook friend list got a notice announcing I was gay. The hacker changed all my likes and interests.

I couldn’t get anyone at Facebook to assist me. I just changed my password and it fixed the problem.

Elliott Advocacy is underwritten by Squaremouth. Squaremouth helps travelers easily and instantly compare travel insurance policies from all major providers. Only companies that meet the strict requirements of Squaremouth’s Zero Complaint Guarantee are available on the website. Compare policies on  Squaremouth.com to save over 70 percent on your next purchase.

This year, it was more malicious in nature and I am desperate to get help. The hackers wrote to everyone on my friends list again saying I was in need of money. Several people called to say they almost sent it, but countless others who don’t have my home email or phone numbers may have been scammed.

A friend from high school told a mutual friend she had sent me $1,500. My friend called me immediately because she knew it was a scam. How do I find out if others sent money and who these scammers and crooks are? — Barbara Chaiken, Durham, NC

Answer: I’m sorry to hear about these hacks. You can certainly do more to protect yourself from these violations of your Facebook account. But Facebook can do more, too.

But let’s start with you. Often, the bad guys get into your account because you willingly gave them your username and password. Maybe a “friend” sends you a link to a login page, which the hackers use to harvest account credentials. Or maybe you signed into Facebook from a public computer which was using keylogging software.

How to avoid such trouble? If you think you’ve been hacked, change your password immediately to deny these criminals access to your personal information. Make sure you’re using a unique password for your Facebook account. And keep it to yourself. Don’t share the password with friends or acquaintances. Practice safe computing by logging in using a PC that you trust.

How about Facebook? Well, according to you, Facebook never responded to your request for help. You had to fix the first hack yourself. The second one was still unresolved when you reached out to me, and Facebook hadn’t responded.

I contacted Facebook on your behalf several times to see if it could help you restore your account. In response to each email, it sent me a canned response with a link to a page on how to resolve a hacked account.

“If you think your account was taken over by someone else, we can help you secure it,” it promises. “This process can also help if your account or computer has been affected by a virus or malware.”

But no one contacted you — or me — to walk you through the process. That’s incredibly disappointing.

I have to assume that more people came forward saying they had sent the hackers money, because you stopped responding to my emails, too. This is the worst imaginable outcome, with an intransigent company and a confused customer. Facebook hasn’t made any friends today.

15 thoughts on “Help, my Facebook account’s been hacked — can you help me unhack it?

  1. If the facts, as reported, are true… Shame of Facebook. Maybe the Zuckerbergs should spend a little of their money to help the people who made them rich in the first place.

  2. As the saying goes about the virtual world, ‘if you are not paying for it, you ARE the business’. Waste-book’s business model includes harvesting data from & marketing ads to their ‘friends’, um, users. It would cost them $$$ to really care.

    1. If Facebook promises personalized help on request, then regardless of how much anyone pays for Facebook service, its staff needs to follow through on that promise. If it won’t do that, Facebook needs to stop making that promise.

  3. I apologize if I got this wrong, as the story is a little unclear: Did the automated process not work, and that’s why she’s writing in? Because it looks like that process hasn’t been followed, but both of you are expecting Facebook to hand-hold her by doing it manually Because Reasons.

    Because I love car analogies: She has her car parked in the Self-Serve lane, and leaning on her horn so somebody fills her car with gas, while the attendant is pointing at the Full-Serve lane.

    I sounds like her computer has malware, or she’s not using a secure and unique password. Account hijackings happen often, but if they are happening more than once on the same account, there is something wrong, and that something is almost certainly not Facebook’s fault.

    Why doesn’t Facebook give individual attention to user account problems? If something is free on the Internet, you aren’t the customer, you are the product being sold. Their advertisers don’t care if one person quits Facebook, therefore Facebook doesn’t care either.

    1. Very succinctly and accurately laid out. I would like to add that, if the first hack was resolved by her changing her password, the hack was probably not from a nefarious unknown as the first thing “evil doers” will do after hacking an account is change the password. It sounds more like she angered someone she knows and they messed around with her a bit.

  4. If it is indeed true that the account has been hacked twice, the problem is most likely with the computer (or phone) of the user. There could be malware on that device. You could be logging into Facebook on public wi-fi hotspots that are not secure, Mave used Facebook credentials to log into a third party site. So many possibilities that suggest unsafe computing on the user’s part.

    Facebook has over 1.5 billion users. And doesn’t charge a fee. To expect personalized service under those conditions is a stretch.

    1. Excellent points. The other possibility that comes to mind is the first hack was perpetrated by somebody the OP knew. The money scam is the obvious crook, but that first one had no motive beyond being mean. That one was far more personal than the second.

      1. Or her email address has been compromised. Changing your Facebook password wouldn’t matter if someone has access to your email address and can just reset it. Or she decided to reuse her old Facebook password after some time had passed.

  5. There are some good points in the comments already: possible malware/exploit on a computer that the user owns or on their phone. Also consider that the email or other online accounts could be compromised too. This could allow the hacker(s) to access facebook among other accounts.

    A multifaceted approach is necessary to solve this long term: (1) Phone, computer, and other devices used must be scrubbed clean, and application to monitor for future threats. (2) all passwords for all internet accounts must be changed, and they should all be different, using an application like LastPass will help you create more secure passwords and save them in an encrypted file locally, that can be synced between devices. (3) browsing, email, and overall internet usage habits must be changed. There is something you are doing that makes them more vulnerable, whether it is not recognizing phishing scams, using publish computers without logging out and clearing cache/history.

    Further steps or education may be required, but this is a start.

  6. Facebook should be scolded for not being more helpful, but the real problem here is that hackers are rarely apprehended. Anyone who steals data, impersonates another or propagates viruses or malware should be tracked down, prosecuted and sentenced to death. The US government seems to be taking little or no action against such hackers. The consternation suffered by this lady is relatively minor compared to what could happen. Our infrastructure could be shut down by a skillful hacker. Our military, law enforcement, utilities and commerce could be rendered inoperable. Lives would be lost and our economy destroyed. It is time for our esteemed federal government to pay as much attention to cyber threats as they do actual military threats.

  7. Did she follow the instructions provided at the link in the article before contacting you for help? As someone who has worked for a top ten website with millions of users, there’s no way I would discuss a user’s account with a third party absent a subpoena. She’a already claiming the account has been compromised, that would raise a red flag right there, as either the account has been compromised or someone is trying to get access to it by claiming so. I’m not sure this is a situation where advocating would actually help her.

  8. OK, I read it yesterday and the comments but didn’t say anything. I was waiting to see if anybody else is going to say it – but nobody did.

    That Chris takes care of people being “wronged” by airlines (for example) is perfectly understandable – in a country that doesn’t believe in high-speed trains nor Autobahns, traveling by air is the only option. No, you cannot chose not to fly, most people don’t go on vacation but are sent out on the road by their employer. So, when you do NOT have a choice and you get wronged … yeah, go kick some a$$, Chris!

    But Facebook? Really? Show me a more useless, bandwidth-sucking contraption on Internet and I will show you a nice bridge I have over East River to sell you at an attractive price …

  9. Ah, well that’s an entirely different issue then. The person described their first hack as “I couldn’t get anyone at Facebook to assist me. I just changed my password and it fixed the problem.” I assumed the second was the same approach. Hopefully I misread and this second attempt is not as complex, but if it was the same, where they got access to their actual profile, then I stand by my original post.

  10. I was hacked 6 years ago. I don’t know who did it, only that it was someone I knew. They weren’t looking for money, just to cause problems for me with my friends. Facebook was NO help at all. I ended up deleting that account. I set up a new e-mail address known only to me, and use that for Facebook only. I would recommend the LR do the same thing. It makes me a little angry to know that Facebook hasn’t changed their tune for hacked accounts since it happened to me.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: