The day was last Friday evening. I’m minding my own business, then I get a Facebook message from a long lost friend asking for Shs50,000 urgently. He goes further to ask me to send it via mobile money and provides a number.
At that particular moment, I imagine, well, maybe he needs it for some trivial reason and the amount is reasonably diminutive. Not being an avid user of mobile money, and never having had reason to be, as my network (read Orange) is not that enthusiastic either, I told him I would need to get to a mobile money shop. He agrees and says he’s waiting.
However, as I’m driving, I think Shs50,000 is not much for an emergency, so I decide to call the number receiving the money. A guy picks up and then hangs up. Then I call my friend’s actual number: “Hey, have you run out of cash...” Even before I could finish the statement, he starts going on, asking me whether someone has asked me for money through his Facebook account.
Apparently, this hacker has taken over my friend’s account and is soliciting money from unsuspecting friends, and he had so far gotten 250,000 shillings. What’s smart is that the hacker solicits small amounts so the innocent victim brushes off the idea of probing further.
The reality of hacking
The bigger issue though is the fact that Facebook hacking is real and is being done by Ugandans. How did all this happen and how can you prevent it?
There are many ways to prevent the next user of the device from accessing your account. The easiest one is logging out. And that is possibly what my friend did not do. Someone got onto a machine he had just used where he hadn’t logged out, then changed his settings, specifically his password reset email.
Easy as it seems, many people simply forget to log out of their accounts. Facebook accounts have great security features, but users may still get hacked or banned by Facebook, or sometimes lose their passwords because they saved their credentials with the browser’s auto-save or, in some rare cases, while attempting to change their passwords.
Monitoring your Facebook account for unusual activity is one of the best methods available to prevent malicious people from taking over your account and causing trouble for you and your Facebook friends.
Attackers want to get access to your Facebook account for several reasons. If you are, say, an MP, then you may have people that oppose your views. Sending messages from Facebook contrary to your stated position on an issue may confuse your followers. Others want to use your account to get to your Facebook friends.
Expressly, they want to send messages to your Facebook friends pretending to be you. Your Facebook friends are more likely to trust posts and messages from your account.
If you access Facebook from multiple devices like your home computer, your laptop, your tablet, your phone, a work computer, or a friend’s computer, then you should be aware that you need to monitor your account for unusual activity.
It’s quite easy to forget to log out of Facebook. Some less scrupulous individuals may have access to your account and can make life miserable for you.
Remember, just closing the tab in the browser or even exiting from the browser software will not log you out of Facebook. You have to select and click “Log Out” from the menu in the top right portion of the page.
Facebook account login notifications provide an easy way to monitor your account and the devices used to access it. Login notifications are useful in that you are immediately informed if your account is accessed from a new device without your knowledge.
You can also assign a unique name to each device used to access your Facebook account for later review. Enabling this feature will keep you better informed about unauthorised access to your Facebook account and provide you with an easy method to review the approved devices later.
Just last month, Facebook enabled a privacy feature called Trusted Contacts that allows you to select three to five confidants from your friend list to receive the virtual key to your account.
If your Facebook is compromised by hackers or you forget your password, these people can supply the codes to get you back in.
While this sounds like too much work, there’s a whole lot more cleanup you’ll have to do when your account is hacked into.
Regaining control of your hacked account
How do I know if my email or social network account has been hacked?
• There are posts you never made on your social network page. These posts often encourage your friends to click on a link or download an app.
• A friend, family member or colleague reports getting email from you that you never sent.
• Your information was lost via a data breach, malware infection or lost or stolen device.
If you believe an account has been compromised, take the following steps:
• Notify all of your contacts that they may receive spam messages that appear to come from your account. Tell your contacts they should not open messages or click on any links from your account and warn them about the potential for malware.
• If you believe your computer is infected, be sure your security software is up to date and scan your system for malware. You can also use other scanners and removal tools.
• Change passwords to all accounts that have been compromised and other key accounts ASAP. Remember, passwords should be long and strong and use a mix of upper and lowercase letters, and numbers and symbols. You should have a unique password for each account.
If you cannot access your account because a password has been changed, contact the web service immediately and follow any steps they have for recovering an account.