Facebook account hacked
April 28, 2021 11:54 AM   Subscribe

My wife's facebook account was hacked, they have changed the password and the recovery email. Going through the automated process leads to a dead end when they try to send a new password to that changed recovery email address. The profile has been deleted so I can't report it hacked from my account. What are our next steps?

We've read through a bunch of different guides, but many presume that the recovery email is still accessible, or that her friends can report that her account is compromised. Neither of these is possible for us as the hacker has changed the recovery email and seems to have deleted her account (not sure why- isn't the purpose to use her account to trick others??).

I forget which of the many steps it was, but one of the paths ended with us reporting the account as hacked and sending a photo of her ID as proof that it was her. That felt like progress, but then I've read subsequently that many people never hear back after taking that step.

Is there anything else we can do? It's not the end of the world, but there were a lot of special photos on her account. We're also expecting our first child in a month, so it'd be nice to be able to share that with people :) Any help is much appreciated!
posted by twirlypen to Computers & Internet (3 answers total)
Can't help with the facebook account recovery, but as far as sharing pics of your upcoming child - you can share them from your account, can't you?
posted by Julnyes at 1:02 PM on April 28 [1 favorite]

This may offer some help beyond what you've tried.
posted by beagle at 2:20 PM on April 28 [3 favorites]

I'm sorry to hear you've had this intrusion. FB is huge and subcontracts a lot of their maintenance work. Keep pressing to get attention from the people in the machinery, but you'll most likely need to create a new account for the ongoing relationships that through Facebook.

You've not asked but it's worth repeating all of the guidance about intrusion: check with a service like haveibeenpwned.com and monitor.firefox.com to see if other passwords have been leaked in a different cyber-attack. If you reuse passwords across sites, then someone might have discovered the password that way. Change all the passwords that have been leaked in a security breach.

When you create that new FB account, set up multi-factor authentication (MFA, with 'something you know' like a password plus 'something you have' like a device rolling through pre-shared secret numbers). Putting an app on your phone is preferred over SMS codes because USA phone companies make it easy to clone a phone and receive duplicate authentication codes.

Critically, pick the people who will affirm you're trying to recover an account and brief them about what you need, saying something like "after that account was stolen, I'm going to use all the security tools to protect my access and if you see this, send me a text to confirm it before doing anything."

Then, finally, print and store in a safe place the single-use account recovery codes that you would need if all the other routes to recover an account are lost. It can be useful to drill using the recovery codes, say if you choose to cycle through a new password every a couple of times a year. (Password complexity is tricky so to use inputs that have enough randomness, I use a password manager with its own complicated, never-shared-online passphrase.)

It's a really solid idea to set up MFA and single-use recovery codes for every account that supports them. I'm sorry that you've had this happen.
posted by k3ninho at 1:22 AM on April 29

« Older Mirroring / replicating (which is the right word?!...   |   Choosing a Ductless Mini Split Based on Sound Newer »

You are not logged in, either login or create an account to post comments