This is a story with you in mind. It has three main characters, rising action, a lot of conflict, irony, and a satisfying resolution. It could be likened to Rocky or David and Goliath—there is, after all, a behemoth at the center. Most importantly, it’s a cautionary tale we want to tell as simply as possible, because there’s too much at risk, not for us, but for you, if we don’t do it well.
Part I As Told by Linda M., Client of PC Assistants
It was a nightmare. In late August, my Facebook account was hacked. For two weeks I was held hostage. Unable to log in to my account, I watched as the hacker totally took over. Suddenly, my profile showed I had received a certificate from the CryptoCurrency Certification Consortium and was now a Certified Bitcoin Professional. Then my profile showed I had obtained a real estate license. Next, a friend contacted me asking if I really was living on a ranch in Texas (Wisconsin is my home). My picture began to show up on cloned accounts.
Every time I tried to gain access, I was told the account was not mine. I told friends to unfriend me. Ultimately, because of the hack, I was even forced to close an email account I had for 40 years. It was like seeing your life smashing around you. Desperate, I decided to call our computer consultant, Bill Hand, for help.
Part II As Told by William Hand, PC Assistants President
Over a period of five days, Linda and I spent six and one-half hours trying to find a way to get her account back under her control. Linda and her husband have been clients of mine for 17 years and she had left a voice message for me stating that her Facebook (FB) profile had been hacked and she couldn’t log in.
We tried the usual, “I forgot my password,” step, but FB wanted to send a text verification to a phone number that wasn’t Linda’s. We tried requesting an email verification, but FB wanted to send it to an address that wasn’t Linda’s. Next, I attempted the following:
- Conducted an extensive online search on regaining access to a FB account
- Conducted an extensive search in online technical forums
- Followed every step suggested in FB’s FAQ section
- Searched for ways to speak with a human at FB
We hit a dead end every time.
At this point, it was apparent the mechanisms FB had in place to deal with problems like this were very limited. Initially, I thought that, if none of the automated methods to resolve Linda’s problem worked, then we would end up either in a Facebook support chat session or on a phone call with somebody at FB. There is no way to do that.
Finally, my wife suggested I contact fellow computer consultant Dave Rebro. I called him, he asked for a description of the problem, and he took it from there.
My heartstrings were tugged when I saw how upset Linda had become. You can imagine how it is when you’re violated and all your information is out there. Not only that, her credit card was attached to her account, as well.
I’ve helped people before in similar situations, but not to this level. Her hacking situation was so complex. There were a number of reasons for that, and I couldn’t leave Linda in her current state. Also, I don’t like to quit.
One factor adding to the difficulty was 4 or 5 new accounts had been cloned with her name and actual picture. We had to figure out which account was hers and which ones were the fakes. That was hard to do because the hackers had turned on privacy settings—no data was accessible.
Another factor making a solution hard to reach was Facebook itself. While it provides some steps to get back in, they’re not user friendly, can be confusing, and are very difficult to navigate. Nor is there a direct way to get in touch with Facebook; there’s no phone number to call; there’s no form to fill out.
[Note: According to IT Governance, the number of records breached so far in 2023 is 4.5 billion. Dave explained that most hacks are software driven; there’s not just a person behind a computer trying to break in to your computer. These software programs, referred to as bots (short for robots), search the internet for information obtained from previous breaches. That information is then sold on the black market, a/k/a the Dark Web. He further explained that the high-tech bots are automatically generating many more cyber attacks every day and the number keeps growing.]
Lastly, continual changes on the part of Facebook created challenges. Meaning that the steps to go through today are different than what FB had in place six months ago. So, I had to figure out what the new steps were and it’s not very intuitive.
I spent approximately 18 hours trying to recover Linda’s account. It was not a simple process:
- To see where other people had successfully contacted Facebook, I had to do some real good research. Eventually, I had about ten different emails. Most of them were inactive, but I found a couple that were active, and I just kept sending to those addresses, “We’ve been hacked.”
- Facebook would give us codes to type in, but the codes wouldn’t work. Every time I got stuck, I’d have to go back to the beginning and start the process all over. We were “caught in the loop,” which is how other people described it online.
This stretched out so long and there was a lot of frustration, not only on Linda’s part, but also on my part because I was going through a vicious cycle over and over again. It wasn’t our fault; we were following directions. But things weren’t working on Facebook’s end.
Eventually, with persistence, we caught a break. Since I had continued trying to reach FB through one of the contacts I had found, I finally got to the right person in the right department and they closed Linda’s account.
We fine-tuned Linda’s new account and went step by step through the privacy and security settings. We have it to the point where she has probably one of the most secure accounts I know of.
[Note: According to Dave, there are plenty of recommended security and privacy setups that Facebook provides, but you have to figure out what those are on your own. It’s not easy. Then, once you’re in, you could spend hours with all the different settings.]
Part IV As Told by Linda M.
I appreciate everything Dave did for me. I don’t know how he did it, but he got my life back, really. I’ve been telling family and friends about my experience and many have now put a second level of protection on their Facebook accounts.
With my new account, Dave went step by step on how to set it up with protections. He gave me all kinds of helpful information that I didn’t know—such as telling me to be careful about what I click on and what not to do if I want to buy something I see on Facebook.
To people who haven’t thought about protecting their Facebook account, I’d like to say, “Do not fool around. Hackers don’t care. They will take over everything you have and will ruin your life if you let them.”
Based on his experience working with Linda—and at her suggestion!—Dave now offers a one-hour Zoom session with clients to provide them a security and privacy audit on their Facebook accounts. It’s for small businesses, as well, not just for individual accounts. He’d like people to ask themselves, “What do I need to protect myself and my business if I want to participate in online services?”
Dave guides his clients through each section of security and privacy to make sure they’re tuned the way his clients want them. He’ll explain the benefits and the negatives, provide his recommendations, and let the clients make the ultimate decisions about their settings. His fee ranges between $100-$175 for the session.
Ultimately, Dave wants clients to have the comfort that comes with knowing they did as much as they could to protect themselves.
With the help of blockchain technology, Dave is hopeful that, in about five years, we will see a positive shift in online security. In the meantime, please take this story to heart. Don’t make the expensive mistake of assuming your accounts are secure. Avoid living Linda’s nightmare by taking all the precautions you can. We’ve provided you with the first and most important step…contact Dave Rebro.