Is your Facebook page hacked? Have you lost admin access to your Facebook page? Well, you are not alone! With the increased monetization abilities in Facebook, the socially engineered attacks on content-creating pages are skyrocketing worldwide! Losing full control of a Facebook page is now just a few clicks away.
In this post, we are going to discuss the way we recovered and restored admin access to a news channel's primary Facebook page.
Recently, one of our news media clients lost all the admin and editor access to their main FB page and turned to us asking "how to restore admin access to their hacked Facebook page".
Upon investigation, we discovered that our client was under a sheer social-engineering attack. This was an advanced level attack where the miscreants possessed very in-depth knowledge of FB business manager & access sharing ways, page role moderation techniques, payout account set-up, ad manager access, pixel insertion for retargeting etc. They disguised as FB representatives, called our client asking for access in the name of setting up the payouts, and sent some page role moderation access links. Clicking those FB-generated links and confirming the access gave the admin rights to the outlaws.
Now, with the newly acquired access, they went a step ahead and after adding another admin from their end, removed the access to the entire business manager account where they initially requested and gained the access. This left all the actual admins and editors out of the page.
Being a reputed satellite news channel of Assam, our client was under continuous branding depletion as the miscreants started uploading nudes in the story section of the page. The notoriety took a serious toll when the client started receiving calls complaining about story contents. They were slammed on social media as well.
Moreover, it was a stressful period for all the employees of our client.
After a scrupulous analysis, to restore the lost admin access to the client's Facebook page, we decided to take the Copyright way.
First, we asked our client to file a police complaint which was meant for multiple aspects ranging from their responsibilities as a news channel to make any references while filing with Facebook,
Second, we acquired certain documents with the usage consent from the client: Their incorporation certificate, a notarized affidavit on a ₹100/- stamp paper mentioning the rightful owner, admin, and editors for the page. (Use our contact form to ask for the affidavit format),
Third, we went to the HELP section of Facebook available on facebook.com/help, selected 'Policies & Reporting' > 'Intellectual Property' > 'Copyright',
Then clicked on 'this form' as shown in the image above, and landed on https://www.facebook.com/help/contact/1758255661104383,
It is always better to report from a profile where you earlier had access while using this form. So, we selected "I am the rights owner" using the client's FB profile,
After filling up the self-explanatory fields, we chose 'others' for the question "Which of these best describes the copyrighted work?",
For the field "Please provide links (URLs) leading directly to the specific content that you are reporting", we inserted the hacked FB page URL,
The next field "Describe why you are reporting this content" will give you three options, and the desired one is "This content copies my work",
In the additional information field in this form, we gave the detail of the issue and requested FB's prompt response,
In the ATTACHMENT section, we uploaded a PDF file containing the incorporation certificate, GST certificate, the notarized affidavit, and the police FIR copy,
Before clicking the SEND button, this form requires an electronic signature where we simply placed the name in the profile we used.
We got the access back within 24 hours of using this method. Those hackers were thrown out of any access by Facebook itself.
In case, you have noticed this loss of admin access within 3-4 days and used to be an admin of the page before it was hacked, make use of this HELP page link.
This link might come handy before taking the long route drafted above. Just make sure that you were one of the admins to that page.
HOW TO PREVENT SUCH FB PAGE ACCESS ATTACKS?
Prevention is better than cure, and it applies to the contemporary digital world as well.
1. Be vigilant of any access that you share, and try to make the access holders legally responsible.
2. Never share your login credentials with anyone.
3. Do not leave your FB account logged in on office computer/s.
4. If you have to share login credentials with any of the office staffs or clients, share it only via a secure platform like LastPass or DashLane.
5. A clause of confidentiality should be added to the internal social media usage policies and job offer letters to the social media employees.
6. Never click a link or scan a QR code shared by someone you don't know personally. Even for those you know, try to verify the root domain before clicking. If it is a shortened URL on an OTT like WhatsApp or Telegram, simply steer away!!
7. Be bold, be prompt, and ask for help! FB's help section and the support systems are good enough to keep you floating in any disaster. Make use of it!
In case you need any advanced Facebook help, please contact us at firstname.lastname@example.org. Thank You!