I Got Hacked, and It Started with Facebook!
Not every day, you wake up, brew your favorite cup of coffee, and get duped by a Facebook scammer. But here I am, sharing my story, a mix of extreme embarrassment, anger mixed with frustration, and an overwhelming desire to prevent others from falling into the same trap.
My ordeal began innocuously enough on Facebook, where I previously managed my personal feed and business fan page. I was leveraging my business fan page to promote my books on Amazon. It was already a bit rocky because the content of my books is in the genre of religion and faith, so I was receiving malicious comments from non-believers who were trolling me. I continued to ask myself “WWJD” (What would Jesus do?) when responding and making sure to respond with love and kindness no matter how vile and insulting the comments were.
While engaging with one of my pleasant customers, I received a message from someone claiming to be Meta support. They reported unusual activity on my account and provided a link to verify my ownership of the Facebook account. Alarm bells should have started blaring then, but they didn’t. I thought, “I must be getting this message because I’ve suddenly been so active online that it would seem out of the ordinary. Of course, I am the account owner, so let’s take care of this immediately to avoid interrupting my communications with customers!”
Clicking that link and verifying my account information was the first domino. Instantly, my account was suspended for violating policies linked to an Instagram account I didn’t own. I was immediately perplexed by the irony of it all. However, it then became the frustration of a Mobius strip loop with no resolution. To appeal this suspension, Facebook’s help pages insisted I log into either the Facebook account or the associated Instagram account — an impossible feat as Facebook was suspended, preventing logging in, and I am NOT the owner of the Instagram account they named, meaning I have no access to log in.
In my quest for a solution, I stumbled upon a ‘Facebook customer service number’ at the top of my Google search results. This is where my nightmare intensified. The person on the other end, posing as a support representative, convinced me to download an application (“AnyDesk”) for remote assistance. They directed me through a series of steps, one of which involved convincing me that a transaction of $12,345.67 was being attempted on my account. In hindsight, I realize it wasn’t wise to accept this explanation; however, in the heat of the moment, I didn’t initially realize this was a standard placeholder amount on Apple products when on the “Language & Region” screen within General Setting, NOT an actual transaction.
The scammer then manipulated me into purchasing a $390 gift card from Target, assuring me it was just a verification process and the transaction would NOT go through due to their partnership with the Goldman Sachs Fraud Department. He even assured me it wouldn’t be an issue because he instructed me to send the e-gift card to myself; this way, if the transaction somehow miraculously went through, I wouldn’t lose anything. Against my better judgment, I followed the instructions, only to see the charge go through immediately. Despite their reassurances, my gut was screaming that something was amiss!
As the situation escalated, the scammer’s requests became more outrageous, asking me to buy four more gift cards of the same value. I finally requested to talk to a supervisor, who seemed initially apologetic but quickly returned to the script of purchasing more gift cards.
Amidst this chaos, I contacted Apple Card customer service, who advised me to change my Apple account password and provided a new card number. While “the supervisor” was looking at me navigating my iPhone via the virtual access AnyDesk software he had me download at the beginning of the call, he caught a glimpse of the chat I was having with Apple Card customer service on a different device because my Apple products are synched. He quickly admonished me, saying, “If you’re communicating with Apple Support, the hackers can see it, and I risk them erasing all of my devices.” I apologized to him immediately but continued the dialogue with Apple Card Support on a different device because I did not fully trust the representative anymore. The scammer became even more persistent, urging me to facilitate another transaction. I reluctantly complied. However, luckily, the transaction was declined by Target as I had changed my card number with Apple Card customer support.
The last straw was when the scammer, losing patience with my questions and the delayed gift card processing, hurled explicative insults at me and quickly hung up on me. I called back the two telephone numbers the representative and the supervisor had provided me as “direct lines” to them should I get disconnected from the call, and guess what! They were both Google Voice numbers, and when I repeatedly dialed them, the automated message said, “The Google Voice Subscriber is currently unavailable.” That’s when it hit me like a ton of bricks — NONE of these people were from Facebook. I had officially been scammed.
I felt my temperature rising as my heartbeat pulsated in my ears when the scammer purposefully and swiftly disconnected that phone call. It’s a hard pill to swallow, realizing that my panicked quest to regain control of my Facebook account succinctly led me further into a scammer’s web with a second group of criminals that precipitously brought all of my sales to zero, like the descent of an anchor into the cold depths of the sea in response to the abrupt discontinuation of my marketing campaign and ability to communicate with potential customers.
Additional transactions continued to be attempted against my former credit card account number and were thankfully declined immediately. As the weeks pass by, I have an immediate anxiety/fear response to providing my credit card information online despite the number being a virtual number, but, in this digital age, it is practically impossible to navigate without using a credit/debit card to conduct business online. I have been relying on PayPal and gift cards for online transactions. In the aftermath, I continue to be furious, not with the thieves, but with myself for not listening to my instincts.
I wrestled back and forth about whether to post this article or utilize it as a therapeutic release of frustration regarding the situation. Nevertheless, as incredibly difficult as it is to share, I did it with the intention my experience will serve as a cautionary tale. Too many things stay hidden, shrouded in secrecy out of fear of embarrassment and shame, causing injustices to persist. The takeaways of this story are:
1. First and foremost, TRUST YOUR GUT! Immediately pause and re-evaluate the situation with critical thought if something feels off. Heck, play “devil’s advocate” to analyze the situation and identify why you feel uneasy.
2. Be wary of anyone claiming to be from Meta and asking for account verification.
3. Meta does NOT have personnel dedicated to customer support, so you will NEVER speak to a live agent regarding personal Facebook accounts. The business accounts may, however, be a different situation.
4. Do NOT automatically trust customer service numbers on Google without verifying their authenticity.
It has become glaringly apparent I will not get my 20-year-old Facebook account back after weeks of searching for help. I even went so far as to write a message providing supporting documentation to the CA DOJ, as one YouTuber said this worked for her. Still, I promptly received an email stating that while they would keep my documents on file, they could not assist me. If I wanted to obtain a private lawyer to help me with any damages incurred, that would be my choice.
To add insult to injury, my actual Instagram account (not linked to the Facebook account) was also deactivated three days later since Meta owns both Facebook and Instagram. I’ve learned invaluable lessons about online vigilance and questioning even what “seems” legitimate.
Thank you for taking the time to read this public service rant. Feel free to share my story to help others avoid a similar fate. Stay safe online, and remember, if it seems too good (or too bizarre) to be true, it probably is.