My Facebook Got Hacked!

It was a dark and stormy night. I was sitting in my car waiting for my daughter’s program to end when suddenly, I got the dreaded fraud alert text from my credit card.  Apparently, Facebook charged my card $500. Not once, but twice! Holy cow, what was going on? An unsettling feeling came over me: Someone who wasn’t me was playing with my Facebook Ads Manager.

I was eternally thankful that my ad account was hooked up with my credit card rather than my bank because, ultimately, I wasn’t out of any money. I just went through the annoyance of calling the credit card to prove the fraud wasn’t me and sending me another card. The cringy part was logging into Facebook to see what the hell was going on. What was I in for?

Diabetic Watch, anyone?

My Facebook hacker made an ad for a diabetic watch that monitors blood sugar. Phew! That could have been so much worse! Last year, someone obtained my wife’s Facebook account information and posted the worst things you could think of, which got her account banned. Ultimately, she had to create a whole new account because reaching Facebook customer service is like pulling teeth for regular account users.

Looking at my Facebook Ads Manager, I’m still not entirely sure what my hacker did and how they went about placing the Ad. The hacker pre-paid the Ad for the diabetic watch out of my credit card and placed a budget of $4k a day (the highest you can go!), probably for the maximum reach before the fraud was discovered. I saw that this ad was placed the same day and found out about it a few hours later. I was actually impressed that it reached over 8,000 people before I took it down and did all the Facebook password-changing measures to secure my account. The sucky part about that is now Facebook said I owed them $620 for the ad I didn’t make. Oh, what fun! I actually have to figure out how to get a hold of someone on Facebook *cringe*.  Luckily, it didn’t take me long to figure out how to reach someone, and I’ll show you how in a bit.

How Did I Get Hacked?

Here, I thought I was super good at identifying scammers; looking at you, Nigerian prince! I guess it can happen to the best of us. I had a moment of weakness, ok! I was genuinely flabbergasted by how they got my account information. I had to retrace my steps.

The Massage Success Express Facebook page is still in its infancy, and I decided to run a small ad targeting massage therapists to generate page likes and spread brand awareness. On Facebook, if your business page has less than 100 likes/followers, you can’t look at certain page analytics, and you can’t be found via a Facebook search with less than 100 likes/followers. So, I created a small ad promoting page likes for $5 daily. Since I hadn’t run Facebook Ads in the past few years, I was half expecting to update my payment information, but Facebook didn’t ask, and my ad ran anyway.

The following day, Facebook asked me to update my payment information through Facebook Messenger. Knowing I had to do this, I figured I’d get to it when I had a few minutes. Within hours of receiving that message from the real Facebook, my scammer with a customer support profile picture showed up on my business Messenger asking the same about updating my payment information. Unfortunately, I was rushed at that moment and decided to click the link through the scammer message. What came up looked like a Facebook login screen, and here is where it should have tipped me off. Why would I have to log back in when my device is already logged into Facebook? So that is how the scammer obtained my password. Complacency happened because I didn’t think it through and didn’t listen to my brain when I gave my password to the fake login page. I can’t remember all the steps I took afterward, but ultimately, I updated my payment information, which led to the rest of this story.

I’m sharing my experience because this can happen to anybody. I’m here to help you identify these scams and what you need to do if this happens to you. If you’re reading this and have a hacked account, I found an informative website that could help you recover your Facebook account, even if you cannot access it. You can head over to Hacked.com to check out their article and videos on how to help recover your account. If you get a suspicious activity email from Facebook, take all the measures they ask, which will include changing your password. You can go to https://www.facebook.com/hacked to get started on the process of reporting and changing your password.

Since my scammer already had my password, I didn’t receive any notification or email of suspicious activity. What was weird, though, is that anytime I log into my Facebook account from a new computer, Facebook always asks if it was me on that new device, and it didn’t with whoever had my password. I’m telling you, these scammers are getting better at hacking people; stay on your guard!

The most obvious tip-off was the name in the message box. Remember, Facebook really doesn’t want to talk to you unless you violate community standards by posting things that violate them, or you get hacked, or if there is an issue with your ads account. So if they do, they’ll contact you via messenger or email as Meta or Meta Business Support, not some random name from customer support like “Rosemary Evans.” I think what got me letting my guard down was the bottom part of the message where it said, “Meta Help Business,” so I assumed it was from Facebook, or maybe I was just being more careless that day. I’ll go with that.

As a rule of thumb, Facebook will never deactivate or lock your account for mere things like not updating payment information. If there is anything that you think is suspicious, change your password immediately. I highly recommend that, if you haven’t already, set up two-factor authentication. I was locked out of Facebook on my phone after I changed my password, and that helped me log back in. If you ever get locked out of your account due to a hacker, two-factor authentication is a lifesaver for that, too. Here are the steps to get that done on Facebook:

1. Go to your Facebook home page and click the down arrow in the upper right corner.
2. Click Settings & Privacy > Settings in the menu.
3. Select Security and Login in the left pane.
4. Scroll down to the Two-Factor Authentication section and select Edit, located next to use the two-factor authentication option.
5. Follow the prompts to set up two-factor authentication.

You can learn more about two-factor authentication HERE as well. If you haven’t already, you’ll want to set that up on super important accounts across the internet. Also, make sure you take screenshots of whatever is wrong in your account, such as the fraudulent post/ad that was made, so you can share that with customer support. So now that I have identified the problem, what should I do next?

Where to Find Facebook Customer Service

If you managed to find a customer service number for Facebook, I applaud you! If you’re curious about it, I’ll save you the search; it’s 1(650) 543-4800. You only want to call that if you want to listen to pre-recorded messages and not talk to any humans. Facebook doesn’t want people to call them; they will call you if they find it necessary after seeing your problem. So, let’s go through the steps to find Facebook customer service.

1. Go to your Facebook account settings (your picture in the top right corner of both desktop and mobile).
2. Navigate down to the Help & Support section and click on the Help Center. If you’re logged into Facebook on your device, this link for the Facebook Help Center will get you right there, and it should already detect your account info.
3. Go to Policies & Reporting if your normal account got hacked and go through the steps that Facebook has you do to help recover; this may ultimately lead you to talk to someone.
4. For my problem with my ads account, this is what I did: 
• From the Facebook Help Center, I clicked on Business Help Center. I needed to resolve my ads account, so that’s where I needed to be.
• Once at the Business Help Center, scroll to the bottom and click on the Get Started button under “Find answers or contact support.”
• On the next page, scroll to the bottom where it says “Additional Support: Need more help with advertising?” and click on the Contact Advertising Support button.
• This is where I reported my issue about getting hacked and owing Facebook $620, and I needed that taken care of.
• Facebook contacted me via messenger to get more details from me, which then led to me actually speaking to a customer service rep!

That will be the fastest way to reach customer service, so I hope this helps someone out there in need! Facebook wasn’t that quick to solve my problem, either. I reached out to customer service on November 27th about my issue, and Facebook finally removed it from my account by December 7th- 11 days! Who knows if they would have resolved my issue any faster if I had harassed them, but I wasn’t in a rush to touch my ad account.

Facebook does offer that blue checkmark thing so you can be “verified.” Supposedly, you get better customer service if you pay them $15 monthly for the special badge next to your name. My point is to do better, Facebook. I recently had to talk to a customer service person at Apple and waited only 3 minutes to speak with somebody. I know, I know, the inner child in me needs to complain. The most important thing now is that I can run Facebook Ads again! Yay me! 

Despite the headache, advertising on Facebook is a great way to reach more people for your business. You might be reading this because you saw an ad I ran! Speaking of, and despite getting hacked, I like to help Massage Therapists get more clients by running their Facebook ads. If you have the right ad, you don’t need anything else to get your practice completely booked. You can learn more about Facebook advertising with my coaching programs. Hope to see you there!

Get support with coaching!