Saturday, May 9, 2015

The Down and Dirty of How My Facebook Page was Hacked

Now that I've shared what you should do if your page is hacked, I'm ready to share how it happened.

Let me start by saying that I never thought this would happen to me. I am careful on the Internet, I know not to give my passwords out or to download stuff from pages I am not absolutely sure are safe.  But I was hacked last Sunday night and don't have my page back yet.

I was online when I got a message from "Facebook for Business" stating there had been a lot of complaints about my page and that if I didn't verify ownership the page would be permanently deleted in 48 hours. There was a link to verify the page. I checked the source of the message. It led to a page that said it was run and monitored by Facebook employees and it looked official. I noticed that the URL looked funny to me, sort of like a Tiny URL would look. But otherwise it looked fine. The page used Facebook typography and I knew there was a real Facebook for Business page.

I am unable to show you the actual message because the hackers have removed me as an admin and the message was sent to my page and I can no longer access it. There was a link along with the statement about needing to verify my page. I was suspicious and messaged them back asking why I needed to do this. They messaged back immediately stating "For the safety of your page" and the message had the link to verify the page again.

Update: Another page got the same message and got a screenshot. The URL is not longer functional.
As you can see, it's scary to get this kind of message

They caught me at a weak moment. I  was tired and needed to go to bed to get up for an early start in the morning.  The language used by the (I know now) hackers was standard English with correct grammar. I looked at the page again and except for the URL it looked legitimate. So I went back to the message and filled out the form.

Here's where it gets embarrassing. They wanted my password for verification purposes and I gave it to them. Then I immediately changed my password. In the time between sending the verification and changing my password they removed me as an admin and apparently unpublished my page. I was unable to even see it until yesterday (5 days later.)

Now I'm locked out as an admin but can see the page. Unfortunately when they re-published the page they began to post sexually oriented spam. I have notified Facebook but am not getting any response. I am not able to find the "Facebook for Business" on Facebook that I saw. I assume they created a clone page that is part of a website that in not on Facebook.

I am determined to get my page back. I'll update this post when there's something to share.

You can follow my new and I hope temporary page here.


  1. Kitty, I have been following your saga on FB...I hate to hear this, of course they took yours because you have so many followers. It does not seem right that it is sooooo hard to get a hold of FB powers to be! I have a Mac too and I just never worry about viruses and hacks. Of course the hack has nothing to do with a virus, it's just that I think I have gotten complacent, lesson learned! I hope it will straighten out soon, I never got any of the sex posts!


  2. I am so glad you didn't. I can't wait to for things to get back to normal again.xo

  3. I am so sorry this happened to you my friend!

  4. It's awful that this happened, but I wanted to thank you for letting us know what to be on the lookout for. Have a good weekend!