Info@NationalCyberSecurity
Info@NationalCyberSecurity

How a hacked Facebook scammed a follower out of $5,000 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


When the Facebook page belonging to Matt Bell, a 44-year-old chef in Nashville, fills with posts about the large sums of money he has helped people make off cryptocurrency investments, one of his followers — a therapist familiar with Bell’s work in the Little Rock food scene — looks right past the red flags.

To his knowledge, Bell is a savvy businessman, so when his account promises a 350 percent return in mere weeks, the therapist takes the leap.

“It’s a weird process for me,” the therapist writes to Bell on Facebook Messenger in August 2023. “I wouldn’t do [it] for anyone other than someone like yourself that I trust.”

What everyone can learn from the woman who lost $50,000 to a scam

The therapist — who spoke on the condition of anonymity, citing concerns that his reputation might be negatively affected — doesn’t know he is exchanging messages with a scammer who has taken over Bell’s account. Eventually, the therapist loses the $5,000 he put in and joins the ranks of consumers who in total lost more than $10 billion to fraud in 2023, according to the Federal Trade Commission, up from the nearly $9 billion lost to scams in 2022.

While the therapist got ensnared in one of social media’s persistent, expensive problems, his acquaintance Bell fell victim to a Facebook hack. Hacking and being scammed are so common that law enforcement officials are growing just as frustrated as consumers. Last week, a bipartisan group of 41 attorneys general sent a letter to the top lawyer for Meta, the parent company of Facebook and Instagram, urging the company to take “immediate action” to address “the dramatic increase in user account takeovers” on its platforms.

Help Desk, the personal technology section at The Washington Post, has received hundreds of emails from people locked out of their Facebook accounts with no idea how to get back in. Multiple hack victims told The Post in 2022 that they were unsuccessful in trying to connect with customer support staff over the phone and that emailed responses from customer support were often rote and unhelpful.

“Our offices have experienced a dramatic and persistent spike in complaints in recent years concerning account takeovers that is not only alarming for our constituents but also a substantial drain on our office resources,” the letter states. The attorneys general go on to say they “refuse to operate as [Meta’s] customer service representatives.”

For its part, Meta says it invests heavily to detect and identify compromised accounts and fraud.

“Scammers use every platform available to them and constantly adapt to evade enforcement,” a Meta spokesperson said in an emailed statement last week. “We invest heavily in our trained enforcement and review teams. … We regularly share tips and tools people can use to protect themselves, provide a means to report potential violations, work with law enforcement and take legal action.”

What to do (and avoid) after you’ve been scammed

Bell’s account was hacked despite having enabled two-factor authentication. But what separates his case from other hacks is that he ceded control of his account after spending a few days trying to regain access. From late June until September, on a near-daily basis, his hacker shared stories on Bell’s Facebook page about teary-eyed couples buying houses and video testimonials from people exclaiming that Matthew Bell changed their lives through his work as a “verified crypto broker.” There are also oddly personal posts about Bell’s wife, Amy, and long, existential screeds about the challenges of running your own business, all written by the hacker.

With every post, Bell said, his phone exploded with texts from friends asking if he’s been hacked and mocking the scammer’s posts. “The man [is] robbing you of your street cred,” Jessica Phillips texts her friend Bell after seeing the scammer post the phrase “Hakuna Frittata.”

Recent data suggests that Bell isn’t alone in his response to simply drop out. According to a 2023 survey from the Identity Theft Resource Center, roughly 100 of the 1,034 respondents reported that they either stopped or significantly reduced their social media presence after an attack.

“Anecdotally we hear from victims who have stated that they have not only given up on recovering their hijacked account, they are walking away from social media all together,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center, “because the experience has been so challenging and emotionally fraught that they no longer find the benefit of using social media greater than the risk associated with it.”

Declining to comment on what may have happened in Bell’s case, Meta spokeswoman Erin McPike said the company offers information on its website for how to avoid scams on Facebook and Instagram and encourages users to report them. However, the ITRC notes, these queries often go answered.

“Currently, there is zero escalation assistance for customers,” Velasquez said. “Many victims report filing their online complaint directly with the platform, only for it to go into a black hole as they never hear from the platform again.”

Although the reasons are difficult to pin down, the lapse in client-facing customer service has coincided with recent cuts in trust and safety teams at several social media platforms.

Glenn Ellingson, a visiting fellow at the advocacy organization the Integrity Institute, notes that after X, the platform formerly known as Twitter, aggressively slashed user protections, its number of users declined starkly. A May 2023 study from the Pew Research Center found that a majority of X’s U.S. adult users took a break from or left the platform in the preceding year.

This matters, Ellingson said, because “users who have a particularly bad experience with a platform — first of all, they don’t come back, and secondly, they tell their friends. This is how people end up feeling unsafe on platforms, this is how people end up not feeling welcomed into communities, it’s how people leave those communities and go find other communities run by other companies.”

Ultimately, the real Matthew Bell does return to Facebook — though it’s really thanks to his wife, Amy. After her page was also hacked in September, she finds that she knows someone who works at Facebook. Within hours, she is connected with a specialist, who helps secure her account and her husband’s.

After regaining access to his account, Bell cleared his page of the scammer’s handiwork. In late October, he posts on Facebook, highlighting his favorite posts from his hacker. A few weeks later on Instagram, Bell shares a photo from a recent trip to Morocco. The caption: “Still not selling crypto.”

——————————————————–


Click Here For The Original Story From This Source.

.........................

National Cyber Security

FREE
VIEW