Well, it finally happened. After criticizing the worst effects of social media for over 10 years, I was finally hacked, locked out of my Facebook account, and (I assume) will be unable to restore any of the material or connections going back to 2007. I’m sharing the details in this post because what I now believe to be a phishing-style attack had the appearance of Meta erroneously booting me for failure to comply with community standards. And frankly, Meta is so useless from a support standpoint that it hardly matters.
Whether Facebook moderators are in error, or the account was targeted by a hacker, there is no clear process for the average user to remedy either issue—just a Kafka-designed carousel of unhelpful articles and FAQs. And of course, beyond Facebook’s garden wall, one finds more scammers with offers to “help” because if you recently fell prey to a hacker, you’re bleeding in shark-infested waters.
Hacker or Facebook Moderators?
I say the attack was phishing-like because the initial communication did not come through email. Those are common enough and usually easy to spot. The email with the slightly blurry logo and wrong URL that claims to be your bank or insurance company or some other party with a message, invoice, or payment for you is trying to get you to click a link and download malware. As I say, these are easy enough to recognize and delete. But in this case, the communication came from within the Meta/Facebook environment—and not just as a DM in the Chat app.
Initially, I received messages from “Meta Business” in the Meta Business section of the platform. These were directed to me as the administrator of the Illusion of More page and not to me personally. I was told that IOM had been reported for (get this!) a copyright violation. As I do not engage in copyright violations, I responded to say that an error had been made, believing that I was writing to Meta since I was clearly on the Meta Business page and not some bogus URL. Unsurprisingly, there was no response, and a few days later, I was told in the same thread that my business page had been disabled. But the IOM page was not disabled, and I did not know what to make of the messages, especially when communication with Meta is not an option.
A few days later, I received a message directed to me personally, again within the Facebook platform, stating that an attempted login had occurred from an unusual location. I took the recommendation to change my password, and I do not believe I clicked on anything outside the Facebook universe such that I might provide the new password to a hacker. Nevertheless, several hours later, my personal account was disabled, and the relevant email and phone number were newly associated with an account called “Meta Copyright Infringement.”
I created a new personal account and did a search for “Meta Copyright Infringement” as People and found that many accounts have suffered this same fate. Some appear to still have pages intact, while others are blank:
Attacks of this nature have been reported since at least the start of 2023, but the articles I found all describe phishing via email, which is usually the vector. But unless I was truly distracted, all communication I received was within the Meta environment, and if hackers are spoofing Meta from within Meta, this implies a new and sophisticated campaign to acquire login credentials.
As for the rationale of the hacker(s), it is hard to say. In my case, as a copyright advocate, I can be a target for an anti-copyright hacker who just wants to mess with me. But so far, nothing inappropriate seems to have appeared on Facebook in my name. In fact, that account appears to have been deleted altogether. On the other hand, this just happened, so we’ll see. In the meantime, I no longer have control of two business pages, including Illusion of More on Facebook, because I was the sole administrator.
As mentioned above, this apparent hack is barely distinguishable from Meta disabling my account for an alleged violation of community standards, and the company offers zero remedies to address either issue. I mean, yeah, there’s a Help Center, but it makes the average DMV look like a hotel concierge. Meta provides a “review form” for disabled accounts, but this “form” only asks the customer to input a name, email, and a copy of ID to prove identity. But, of course, if the email entered is associated with a disabled account, you get a message saying that the account doesn’t exist, which indicates a hack, so…
Follow the instructions for recovering an account you think was hacked, and Meta will help you identify the account associated with the email…
Assuming that’s what FB thinks my account is now, I reluctantly click This is My Account, and…
And you can guess where that link “here” leads. Yup. Right back onto the carousel playing the calliope from Hell mocking you for getting on the ride in the first place.
I don’t know. Maybe I missed a clue somewhere in the attack, but the most compelling detail here is that it looked a lot like communication from Meta and within Meta. In fact, if Meta were to contact me at some point and confirm that they did kick me off for an alleged copyright violation, I would not be very surprised—except that it would still be an error. But apparently, this is what support looks like for a platform hosting three-billion people: when we can’t quite tell the difference between a cyber-attack and half-assed moderation insulated from its users by layers of bullshit.
