Tuesday, December 30, 2008

My Facebook Account was Hacked!

Originally uploaded by cheryloakes50

This blog post is cross posted at TechLearning.com

In one afternoon during our 6 days without electricity and heat in the Maine Icestorm, I received no less than 6 frantic messages from my young college friends. "Did you know your Facebook was hacked?" was the basic theme.

My first thought was, hm, that is a crazy page to hack and what had I last done on my account?? When I was finally able to talk to my son, Nathan, he wondered if I had seen the page, yet?, No not yet, we still have no power, and although we had power at school, Facebook is blocked at my school. ("I've yet to have a compelling educational reason to unblock Facebook".) So, I asked him to take a screen shot of my page getting hacked and then I would contact Facebook. My youngest son Daniel was ready to take on the hacker, until he thought better of it, that he too might be hacked. I assured them both that Facebook would help out.

Early in 2008, I had read a blogpost about a blog being hacked and then ransomed for money. It was a blog and an online business, so it would appear someone had a financial reason to expect the website was worth some money to someone, who would pay to have their account restored to them. As I researched for this post, I found a recent ransom article that surprised me. Then we all heard how Gov. Sarah Palin's email was hacked late in the Presidential campaign of 2008.

Why a Facebook account?

When I was finally able to view my page, my photo had been taken over and a message replaced my photo, a sinister message, had been left, "tell her, her page has been hacked, ha, ha, ha." I contacted abuseATfacebookDOTcom, after I had read through their FAQ section on what to do with problems with an account. I explained what had happened and wondered if they could help. I received a noreply email saying that they received my email and someone would contact me in 72 hours. Within that timeframe, I was contacted by email, my page was reset, and I entered my 'ransacked' facebook page. There were 2 images in my photos and while I could delete one, the other was still not in my control. 2 days later, a comment appeared in my profile from my hacker, which again I was notified by my son to go in and delete the profile message. At that time I was able to get rid of the hacker photo, and the hacker profile information that had been added.

What had I done to open myself for a hack? Usually on my Facebook page, I add information about teaching and 21st Century Skills for educators. I have a link to my high school, my college and my personal learning network of virtual acquaintances. I never leave my page open, and 90% of the time I access Facebook from my home computer. What had I done to invite a hacker?

I had accepted a snowball fight! You know those cute little 3rd party applications that Facebook warns you about, here is the warning!
Allow Access?
Allowing Snowball Fight! access will let it pull your profile information, photos, your friends' info, and other content that it requires to work.

By proceeding, you are allowing Snowball Fight! to access your information and you are agreeing to the Facebook Platform User Terms of Service in your use of Snowball Fight!

That was the only thing I could think of that was unusual about what I had used my account for, I threw a snowball. The next day my page was hacked. Was this a fluke or was something tied to the snowball fight? I don't know, but what I do know is that I won't be using the 3rd party cute applications on my account.

What are some things to do to prevent any of your online accounts from being hacked.

Use different passwords for your online web2.0 tools/games/sites than you use for personal banking and online ordering. ( I know, I know, it is hard to remember all the passwords you need, but nonetheless important.)
Change your passwords for your personal online banking, credit cards, personal ordering on a regular basis.
Use applications that you are familiar with and read the fine print.
DO NOT USE the standard remember your password Question!!!Why? Your mother's maiden name, your birthplace are in the public record. Sure it is easier to remember, but also easy for hackers to find.
Make up your own question and answer in order to retrieve your forgotten password.
Keep your identity yours.
URL of the image @ flickr http://www.flickr.com/photos/coakes50/3152363334/