How thousands of Meta accounts got hacked and how that could have been prevented

Losing a Facebook account might not seem like the most significant issue, but losing a decade's worth of memories and Messenger chat history is indeed a major loss for many. Furthermore, losing access to third-party apps and websites where users have utilized Facebook Login for signing up can be a big headache.

So first of all, to prevent data loss, occasional backups are recommended (especially if you have photos of passed soldiers or chat logs related to custody disputes, as mentioned by the individuals interviewed).

How were the accounts hacked?

Common methods for account hacks include weak or reused passwords, email compromise, or phishing. Many accounts have been hacked through cookie hijacking, which is often caused by malware (such as malicious browser extensions) on the victim's computer.

Multi-factor authentication can prevent password-based attacks, but if the session is active and a cookie is stolen, the attacker gains access to the platform. Platforms could mitigate further losses by implementing techniques such as enforcing re-login when a user's geographical location changes or requiring MFA when significant changes are made (e.g., email address, phone number, password).
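The two server-side checks described above, sketched as an added example (not code from the Vox article or from Meta). The session fields, action names, country-level location comparison and the 5-minute MFA freshness window are all assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum

class Decision(Enum):
    ALLOW = "allow"
    REAUTH = "force re-login"
    STEP_UP = "require fresh MFA"

# Assumed names for the "significant changes" listed in the text.
SENSITIVE_ACTIONS = {"change_email", "change_phone", "change_password"}
MFA_FRESHNESS_SECONDS = 300  # assumed window; tune per platform

@dataclass
class Session:
    user_id: str
    login_country: str   # coarse geolocation recorded at login
    last_mfa_at: float   # epoch seconds of the last completed MFA
    revoked: bool = False

def evaluate(session: Session, action: str, request_country: str, now: float) -> Decision:
    """Decide what a request carrying a valid session cookie may do."""
    if session.revoked:
        return Decision.REAUTH
    # A cookie presented from a new location is not trusted: revoke the
    # session so the cookie stops working and demand a full login.
    if request_country != session.login_country:
        session.revoked = True
        return Decision.REAUTH
    # Even from the usual location, account-changing actions need MFA
    # completed recently, not just a long-lived cookie.
    if action in SENSITIVE_ACTIONS and now - session.last_mfa_at > MFA_FRESHNESS_SECONDS:
        return Decision.STEP_UP
    return Decision.ALLOW

def demo():
    # Constructed sample: user logged in from "FI" and passed MFA at t=1000.
    s = Session("alice", "FI", last_mfa_at=1000.0)
    return [
        evaluate(s, "change_email", "FI", now=1100.0),   # MFA still fresh
        evaluate(s, "read_messages", "FI", now=5000.0),  # normal use
        evaluate(s, "change_email", "FI", now=5000.0),   # MFA is stale
        evaluate(s, "read_messages", "BR", now=5100.0),  # cookie used elsewhere
        evaluate(s, "read_messages", "FI", now=5200.0),  # session already revoked
    ]

if __name__ == "__main__":
    for decision in demo():
        print(decision.value)
```

The location check alone does not stop a cookie replayed from the same country, which is why the step-up check on sensitive actions is evaluated independently of it.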

Compromised Facebook accounts are used for various schemes. One common method to leverage breached accounts is to exploit the trust among the account holder's contacts. Sending phishing or promotional messages to the profile's friends provides a head start for further scams. Another mentioned tactic is to conduct Facebook marketing using the stolen account. If the account has payment methods available, the attacker can run their own advertisement campaigns "for free".

There are no foolproof solutions to prevent these scams. The end of the article summarizes the situation well:

"[...] people should take things into their own hands by frequently backing up their data and performing safety checks to avoid getting hacked in the first place. That also means being aware of common online scams — everything from phishing emails to malicious links - and knowing how to avoid them."

Read the original article on Vox »


Vox discusses the anatomy of Facebook account breaches, and we examine both the causes behind them and the preventive measures that could have been taken.