Cissie Lowe is a huge Elvis Presley fan who loves everything about The King, especially his movies.
She founded an Elvis fan page on Facebook seven years ago, gaining 32,000 followers, many of whom she considers personal friends.
Moderating the site took up a good part of her free time, until recently, when a hacker took it over and locked her out.
“A month ago, it got stolen from me,” she said. “And nothing’s been done about it.”
Lowe believes a hacker in Indonesia (based on tracing the new administrator) now controls the group she founded seven years ago.
“He took me out of my group, blocked me and I couldn’t even get in it,” she said. “He took my admin status away.”
She believes the hacker is now making money selling the contact info of all her followers.
So how did a scammer get her password? She has no idea.
We contacted Facebook executives, hoping they could investigate, but have yet to hear back.
How this new Facebook scams works
Unfortunately, scams are all too common, where someone takes control of your Facebook page or another social media site.
One phishing scheme, however, has impacted 10 million people and counting.
That’s according to Chris Cleveland, founder and CEO of PIXM, which recently uncovered a massive phishing campaign on Facebook Messenger.
Cleveland says an attack typically starts with a message from someone you know.
But the message isn’t from your friend. It’s actually from a hacker who has taken over their page.
“I get this message,” Cleveland explained, “and I enter my credentials there. Now the hacker can send that message to all my friends (posing as me) and propagate the message that way.”
Once you click the link, you’re redirected to a legitimate ad (that makes the whole thing look official) before being sent back to a fake login page.
That’s where hackers ask you to re-enter your Facebook password. As soon as you do that, they have control of your account.
How to protect yourself
So how do you protect your information?
Cleveland says two-factor authentication is a must, where you get a text alert before anything is changed on your account.
Beware unusual requests from friends, such as requests to click something to get free government money.
“Even if you trust that person,” Cleveland said, “make sure you contact them first before you take that call to action or click on that link.”
Finally, he says never use your Facebook password for other accounts. If the password is compromised in any way, the hacker can get into your other social media accounts, even your bank account.
Cissie Young is devastated, unable to access her Elvis fan club and contact her 32,000 friends.
“I got robbed. I feel violated,” she said.
She may or may not be a victim of this latest scam but is just praying that Facebook restores her administrator credentials for her Elvis fan club.
Bottom line: If something feels strange, don’t click, so you don’t waste your money.