Inside the sinister cyber rings hijacking Facebook accounts

Have you ever wondered what would happen if you lost your Facebook account overnight? For some of us, this is not a hypothetical scenario but a harsh reality. In fact, in many cases, their accounts are hacked by cybercriminals from Vietnam, who use them for various shady purposes or sell them on the black market.

This growing problem affects millions of Facebook members and exposes them to many problems, including identity theft, financial loss, and emotional distress.  And sadly, Facebook is very difficult to rely on for hands-on support when crime strikes leaving you to follow complicated often unhelpful do-it-yourself solutions.

 

MORE: THIS FACEBOOK MESSENGER PHISHING SCAM IS STEALING MILLIONS OF PASSWORDS

 

How are hackers stealing Facebook accounts?

There are different methods that hackers use to gain access to Facebook accounts, like exploiting weak passwords, but one of the most common and effective ones is called “cookie theft.”

Cookies are small pieces of data that websites store on your browser to remember your preferences and login information. When you visit Facebook, for example, a cookie is created that allows you to stay logged in without entering your password every time.

However, cookies can also be stolen by hackers who use malicious software or phishing techniques to trick you into clicking on a link or downloading a file that contains malware.

Once they get these cookies, they can use them to log into your account from anywhere in the world without needing your password or verification code. They can then change your password and security settings, making it harder for you to recover your account.

 

How hackers in Vietnam use stolen cookies and fake emails to hijack Meta accounts

You might think that hacking into someone’s Facebook account is hard, but shockingly it’s actually quite easy if you know where to look. In some countries, like Vietnam, you can buy stolen cookies or session tokens for a cheap price. These are like digital keys that let you access someone’s account without needing their password. You can get 1,000 cookies for $80.

Yet that’s not all. There’s also a Telegram channel that sells fake Facebook support emails for only $50 per 100. These emails look like they’re from Facebook or Meta, but they’re really from criminal scammers who want to trick you into giving them more access to your account.

MORE: HOW TO AVOID BEING A VICTIM OF THIS SNEAK FACEBOOK MARKETPLACE SCAM  

 

What do hackers do with stolen accounts?

These Vietnamese hackers can use stolen accounts for various purposes, depending on their motives and skills. Some of the most common ones are:

Scams: Hackers can impersonate you and send messages to your friends and family, asking them for money or personal information. They can also create fake posts or ads that promote products or services that are fraudulent or illegal.

Fraud: Cybercriminals can use your account to make purchases or transactions using your linked payment methods, such as credit cards or PayPal. They can also access your other online accounts that use the same email or phone number as your Facebook account, such as Amazon or Netflix.

Resale: Hackers can sell your account on the black market, where there is a high demand for old and verified Facebook accounts. These accounts can fetch higher prices than new ones because they have more friends, followers, and activity. They can also be used by other hackers or spammers who want to avoid detection or verification.

MORE: DON’T FALL FOR THAT “LOOK WHO DIED” FACEBOOK MESSAGE TRAP

 

Why does this matter?

Losing your Facebook account can have serious consequences for you and your loved ones and lead to identity theft, financial loss, and emotional distress.

Your personal information, such as your name, photos, and date of birth, can be used by cybercriminals to create fake identities or documents. They can then use them for illegal activities or fraud, putting you at risk of identity theft.

Your payment methods or online accounts can be compromised by hackers who can make unauthorized purchases or transactions with them. This can drain your funds or damage your credit score, causing you financial loss.

Your precious memories, such as photos and videos that you have stored on your Facebook account, can be deleted or altered by hackers. They can also harass or threaten you or your contacts, causing you fear or anxiety. This is sure to affect your emotional well-being and mental health.

MORE: FOOLPROOF STEPS TO HELP PROTECT YOUR FACEBOOK ACCOUNT FROM HACKERS  

 

What to do if you get locked out of your account

You may realize your account has been taken over by a hacker if you can’t log in, or you may notice some red flags while still logged into your account – like posts you didn’t create. If you’ve already been hacked, follow these steps:

  • The first step is to check if you still have access to the phone number or email you set up your Facebook account with.
  • If you do, go to facebook.com making sure you’re logged out of any other account, and click Forgot Account.
  • Follow the on-screen instructions to receive a recovery link to your email or phone number.

If you do not have access to the phone number or email associated with your Facebook account, head to facebook.com/login/identify. You’ll be able to fill out a form to have Facebook review your account while answering a few security questions to prove the account you’re trying to recover is yours. Sometimes you’ll have to provide proof of ID like a photo of a driver’s license.  We understand there is hesitance with wanting to upload your ID, but Facebook says these uploads are encrypted and stored securely.

Regrettably, those who fall prey to these Facebook scams frequently feel neglected by Meta. While there are avenues to report such breaches as I’ve mentioned above, they frequently fall short. I’ve received countless emails from individuals expressing their frustration, and I too have experienced the shortcomings of these support channels when dealing with Facebook issues.  If you have tried the above, unfortunately, we currently have no additional tips to retrieve your account, so we stress you should be proactive now and take the following steps to prevent your Facebook account from ever being compromised in the first place.

 

What can you do to protect yourself?

The best way to prevent hackers from stealing your Facebook account is to take some personal protective measures before it happens.

Strong passwords: Use a unique and complex password for your Facebook account that is different from your other online accounts. Change it regularly, and do not share it with anyone. Also, consider using a password manager to securely store and generate complex passwords. It will help you to create unique and difficult-to-crack passwords that a hacker could never guess. Second, it also keeps track of all your passwords in one place and fills passwords in for you when you’re logging into an account so that you never have to remember them yourself.  The fewer passwords you remember, the less likely you will be to reuse them for your accounts. Get more details about my best expert-reviewed Password Managers of 2023

Two-factor authentication: Enable two-factor authentication (2FA) for your Facebook account, which requires you to enter a code sent to your phone or email whenever you log in from a new device or location.  Following these steps for:

Avoid suspicious links: Do not click on links or download files from unknown sources or look suspicious. They may contain malware that can steal your cookies or infect your device.

Install antivirus protection:  As hackers in Vietnam are increasingly targeting Facebook accounts for financial gain, it is essential to invest in strong antivirus protection on all of your devices and keep all operation software updated at all times.  Strong antivirus software actively running on your devices can alert you of malware in your system, warn you against clicking on any malicious links in phishing emails, which are often used by hackers to steal your login credentials, and ultimately help protect you from being hacked.  It’s the most important thing you can do to make yourself resilient against these growing threats.

Get my picks for the best 2023 antivirus protection winners for your Windows, Mac, Android & iOS devices.

Best Antivirus Protection 2023

 

Report hacks: If you notice any unusual activity on your Facebook account, such as posts or messages that you did not create or send, report it to Meta (Facebook’s parent company) as soon as possible. You can also use the Hacked Accounts section of Facebook’s Help Center to recover your account or secure it.

Use identity theft protection: To protect your identity from these Vietnamese crooks, investing in identity theft protection is a smart move. Identity Theft protection companies can monitor personal information like your home title, Social Security Number (SSN), phone number, and email address and alert you if it is being used to open an account.  They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by, in this case, cybercriminals from Vietnam.

See my tips and best picks on how to protect yourself from identity theft.

 

 

Kurt’s key takeaways

Sadly, victims of these Facebook heists often feel abandoned by Meta. Although there are channels to report hacks, they often prove ineffective. I can’t tell you how many emails I get from people telling me, and I’ve been there myself, how ineffective these channels are to actually help you with Facebook.

Meta has been criticized for enabling the hackers and not providing enough support for the victims. However, there is an increasing call for big tech regulation to address these cyber threats and hold Meta accountable for its users’ safety and privacy. We did reach out to Meta for a comment on this story but did not hear back as of our deadline.

Do you think Meta should offer more meaningful support to help when your account is locked out? Let us know by commenting below.

FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

Answers to the most asked CyberGuy questions:

 

Related posts

Best last minute holiday gifts

Understanding brushing scams and how to protect yourself

From TikTok to trouble: How your online data can be weaponized against you

5 comments

Chuck October 24, 2023 - 5:23 am
I deleted my Facebook account several years ago because Facebook itself was misusing my info to send me unwanted ads.
Sherry October 24, 2023 - 6:00 am
I was hacked in January and lost my Facebook account with over 700 friends. Sadly, I still see part of my decimated account under the name of Ruth Bella. It even sent my new FB account a friend request! I am still sad. My ten year account was stolen. I reported the details to FB four times with not even a response, muchless a solution.
Judy October 24, 2023 - 1:50 pm
This just happened to me on Instagram. I was locked out of my account. When I tried to recover the info, it sent a code to an email ending in .net, which I have never had. It would not accept any code sent to my phone, or Google Authenticaiton codes. I am now locked out of my Instagram account and the name on the account has been changed. I sent many messages to the Instagram folks and haven't heard back. So far nothing nefarious has happened but I don't know what to do.
Karen October 25, 2023 - 7:23 am
My personal FB account was hacked plus my 2 affiliate marketing accounts. I need them back desperately!. Any help anybody has would be greatly appreciated. My incoming and outgoing messages are going to person who hacked it.
Cindy L November 3, 2023 - 6:53 am
Unfortunately this is a frequent occurrence with Facebook. I use my FB account to stay in touch with friends I've known for over 50 years. This is the only way I can have of communicating with some of them so if I lose it, I lose them. I've reported multiple hacks and never hear back. I haven't connected my Instagram because of this issue,
Add Comment