BY MARIAH SMITH
I have been noticing more recently that some of my friends’ Facebook accounts have had some strange activity. One friend of mine would add myself and many of our mutual friends to a group that either had no name or portions of the page were written in a different language. After contacting him, and discovering that it was not his doing, I started removing myself from these pages only to be re-added twenty minutes later. Luckily it stopped after a few days, and he seems to have full control back, but it was still kind of unsettling.
A few days later, I noticed more friends’ page names completely changing to another language- making them virtually unsearchable, as well as a change in content and bios but with their pictures and old posts remaining. It was like a parasite living in the skeleton of their pages, leaving them helpless. Their pages, and any information on it being hijacked, or “hacked”, by some stranger on the other side of the world.
One family member of mine had experienced this and had a really hard time getting his page back. Facebook had little in the way of solutions to offer. Basically, once someone gets the password to an account, it is hard to remove them until the password is changed-which is difficult to accomplish at that point. But after about a week and some very disturbing posts (from his hacker), his page was saved without much damage that we know of, yet. He was lucky because he caught it early.
Many of these victims go months before realizing their page has been compromised. Some quick research found that the people who rarely use their accounts are the most susceptible to being hacked. Unfortunately, in most cases their page and all of the information on it is unretrievable. While this thought alone is scary, being hacked may mean more harm to some users than just an altered friends list or photo album. Any private conversations, personal information shared or stored, or other linked accounts and pages could fall into hackers’ hands as well. Luckily, there are some things you can do to protect your account and information from being violated in this way.
My first Google search found some chilling results. 8 out of the first 10 results advertised either a hacking service or lists of workarounds to hack an account.
This: https://www.cnet.com/how-to/how-to-tell-if-your-facebook-has-been-hacked/
And: https://www.facebook.com/help/131719720300233
You are more than welcome to use them if you suspect your account has been compromised. I started to wonder about the legality of these services. And why Google would allow so many of these sketchy results to return to more concrete sites such as the Facebook Help link. That’s something I can’t even begin to understand without further research, maybe even having to switch my major again. But hacking an account can’t be that easy… can it? I am not sure. Maybe?
I created a fake facebook page just to see where the first “hacking” result took me. The website opened with this. Notice how it even calls the person a “victim” in the third paragraph.
I clicked the “Hack Facebook” button and entered the URL of my fake account.
It searched for about a minute until it finished with a downloadable password.
I was too scared to actually download it, though. Who knows what kind of crazy virus or bug could be attached with that! Maybe I’m paranoid. Or maybe it doesn’t work at all, and there is a more sinister science to the people who succeed at hacking. But this is all still something to keep in mind while you scroll your timeline.
This TMN story is brought to you by: Sip N’ Spin
Prevention Methods
The first thing you want to do is step up your privacy settings.
If they aren’t on the highest setting, change it, or at least update it as you are comfortable.
You can find these settings by going to Settings > Account Settings > Privacy. Here you will be able to review who can see what information on your page. The tighter your circle of privacy, the better, in most cases. “Friends” or “Friends Only” is the suggested setting by Facebook.
You should first do a privacy check, which shows you a large portion of your privacy settings and allows you to change them individually right there. You can avoid finding and changing each setting on your own.
You can review which apps have access to your page within the privacy check, or follow Settings > Account Settings > (You may have to scroll a little bit) Apps. There you can individually disable or scale back their allowances. It is a good idea to disable the apps that you don’t know or use regularly. If you don’t want them to post for you, but you want to keep the app, you can change their visibility to “Only Me”, which I did for several of mine.
Consider disabling a public search. That means that if someone searches your name in a search engine (Google, Bing, etc.), your Facebook profile doesn’t show up in the results. This setting can also be found in a privacy search or by Settings > Account Settings > Privacy > Do you want search engines outside of Facebook to link to your profile. The automatic setting is yes (or on). To disable, just press the “switch”.
Having a strong password is also important. Use a password with capital letters, numbers and special characters. Diversify your passwords, too. If you have the same password for all your pages and accounts, it’s pretty simple to type that right into another account. To find this, go to Settings > Account Settings > Security & Login > Change Password.
Turn on notifications and two-factor-authentication. You can get notified and sent a verification code when a new device attempts a sign in. The person attempting to log in will not be able to until they enter that code. Follow Settings > Account Settings > Security & Login > Setting up extra security heading to find it. Click the button to get started, and follow the prompts. You can return to this setting to turn it off, or to change further security options.
Facebook also recommends you to select three to five friends as a back-up. If you are ever locked out, these trusted accounts can help get you back in. This would be useful if you have been hacked or lost access to your account. This can be found under the same Setting Up Extra Security heading. You must select three friends, and then I believe they have to each verify or enter a code if you have been locked out, so make sure they are reliable! Fortunately, I haven’t had to try this yet.
After your settings are perfect for you, you’ll want to go through your friends list and make sure you know everyone you are connected with. Delete anyone who you do not know, or are skeptical of. Delete friends who have been hacked, or look like they have been hacked. (You can report their page, too, if you suspect that it has been hacked.) Blocking them is an extra step. And both can be undone. Also, avoid adding strangers in the future.
Just general things to keep in mind
If a friend sends you a link on messenger (or email, twitter DMs, or other messaging services), ask what it is about before clicking it. It is possible that someone sent them the link, they clicked it, got “infected”, and sent it along to you without even knowing. If you click it, you will continue the process onto your friends. Asking what it is about ensures that they meant to send it. If they explain further, it’s probably legit. If they have no idea what you are talking about, it is very likely a scam.
Avoid clicking links to articles and other items from your timeline, too. Especially the quizzes and personal games. Before you take them, you usually give that site permission to use the information on your account, sometimes post for you, or to “like” their page or app. They can get access to your email address and subscribe you to their mailing lists- the annoying spam ones, or add their app to your account that you just cleaned out earlier in your settings.
If you ever get an email from Facebook, or any other company for that matter, asking for your personal or account information (password, email, name, etc.), it is probably a scam. They can be really believable, so be careful! If you have any concerns, verify their email by contacting them directly. You can do this from your account, or their website. Most have a “contact us” page or feedback options.
Avoid using the “Log in through Facebook” options when starting a new account on like Spotify, Netflix or other third-party apps. It is very convenient, so I know it’s easy to just let Facebook do the hard work, but if your account is ever compromised, it is possible that they can access the information on those pages as well- including payment info. Take the time to set up your own independent account. Fill in your name and email and all that jazz. You can link it later if you really want to, but it is hard to separate them if you create the account through Facebook.
Don’t log into any personal account on public computers. If you can’t avoid it, make sure that you LOG OUT when you are done. And then double check that you logged out. Don’t save the account information for easy return when it prompts you to, either. You can do this on a home computer or personal device, but you don’t want your username and password automatically entered for the next person on the computer to stumble onto.
Lastly, don’t share any personal information on Facebook, or any other “public” account, and messaging services. No matter how “private” you think it may be.
The less information you have on these sites, the fewer hackers have to use against you if you are ever in their line of sight, and, worse, if they are successful in hacking you.
That’s all I’ve got. Stay safe, friends!
And happy holidays!