A grieving wife has thanked the officer who reunited her with her hacked Facebook account and the many cherished memories it contained.
Becky* lost access to her profile shortly before Christmas after hackers compromised her email account and password.
These details were then used to take control of multiple additional online accounts, which the scammers then locked her out of.
Most distressing, however, was the loss of her Facebook account, which contained many years’ worth of photos, videos, and messages – many of them evoking cherished memories of her husband.
It was, she said, the potential loss of those memories that caused her the most distress. She explained:
“It was an awful experience. The hackers somehow got control of my email and used it to cause chaos.
“They got into my, email, bank account, my PayPal, my phone, pension, literally every think linked within my phone, shopping aps vinted account… you name it they tried it.
“As soon as I solved one issue, they’d strike again with another. It seemed never ending. It was relentless and even on Christmas Day attempts were being made.
“But what hurt me most of all was actually the loss of my Facebook account. I was locked out completely and the hope of regaining access slowly faded.
“The financial side of things could be sorted and banks etc have procedures in place to protect, but I knew I couldn’t replace the many memories I had on my Facebook page.
“I had pictures and videos on there featuring my husband and son together over the years, and given the circumstances these were so precious.
“I also use Facebook to keep in touch with friends and local communities / interests all of this was put on hold. I felt isolated, scared, extremely saddened and vulnerable.
“I had tried all avenues to contact Facebook but wasn’t getting anywhere, I was then contacted directly by Kirsty from Nottinghamshire Police.
“At first, I was so suspicious of everything that I refused to believe she was who she said she was – but she was just amazing throughout the process.
“She went through everything with me, gathered all the evidence I had collected and contacted Facebook on my behalf. She was just amazing.”
Social media account compromises are a growing trend, with scammers from around the world working to gain access to users’ accounts in a variety of ways.
Once in control of an email address and social media account, they will then attempt to scam the account owner’s friends, family, and even other members of the public with things like fake investment opportunities, fake ticket sales, financial requests and other scams.
Becky believes her accounts were compromised after logging onto an insecure Wi-Fi network during a trip to London, and is now urging others to turn on 2 Step-Verification (2SV) and use different passwords for all their online accounts – thereby making it much harder for hackers to gain control.
She added:
“If I can encourage just one person to look into to 2 Step-Verification for their accounts then I will be happy. I work with computers every day and thought I was safe from this kind of thing – but I wasn’t.
“So, if I can prevent just one person going through sharing my experience / speaking out will have been worthwhile.”
Kirsty Jackson, a Cyber Protect and Prevent Officer at Nottinghamshire Police, worked with Facebook to wrest control of the account back and hand it over to its rightful owner.
She said:
“Unfortunately, we are seeing an increase of email accounts being hacked from either a data breach (reused password) or from a phishing email asking users to change their email password due to an attempted login. Network provider accounts are also being targeted to bypass email and other account security.
“I am grateful Becky has allowed us to share this story as a warning to others about the dangers of using the same passwords across multiple platforms and not having two-step verification enabled across all online accounts.
“This is essential security to protecting your online accounts and would have stopped these hackers in their tracks.
“If you don’t take these simple steps and your data is lost or stolen, it really is only a matter of time before a criminal attempts to hack your accounts and cause you the kind of stress and anxiety experienced by Becky and the many other people we help in our team.”
*Becky has asked that we do not use her real name
Our top five tips for securing online accounts:
Follow our top 5 tips to reduce the risk of being hacked:
- Creating a secure password for each account by using ‘Three random words’. For example. Water98-Philosophy-$Zebra. This password strategy increases password strength and ease of use. Never reuse the same password. It is not about remembering passwords anymore, but how you manage them. Write passwords down in a book safely stored at home or use a password manager (search passwords in your phones settings as you will most likely already have access to one).
- Enable 2 Step-Verification (2SV) as this will add an extra layer of protection to your accounts. 2SV helps protect you against your password becoming compromised, so that nobody can access your account without you authorising via a second means. For example. Inputting a unique code into the website or app, that you receive via text message or via an Authenticator app (Authenticator apps are recommended, however, don’t use the same company/account as you use to save passwords). ENABLE 2SV: For each online account you have, refer to the accounts ‘Settings’ or ‘Account Profile’ and then ‘Settings’ and ‘Security’ to enable. Don’t forget your network provider account, as this is often overlooked and can be used to take over your phone number).
- Sign up to data breach notifications to allow you to change your password before a hacker can try accessing the breached details. HaveIbeenpwned.com is a free website that can check to see if your email has been linked to a known data breach. You can also sign up to the ‘Notify me’ service which can alert you if your email or password has been compromised. When notified you can head directly to the account in question and change the password either via the named company website or app.
- Back-up your data. Ensure your device back-up is active to ensure your device settings and passwords are saved (if using your devices password manager) and any other important data you would be upset to lose in the event your device becomes either damaged, lost or stolen. This feature will also enable you to remotely wipe your device’s data and restore it to a new device, but REMEMBER, you must have access to your devices accounts master password, so it is worth writing this down someone secure at home.
- Always install the latest software & app updates. Cyber criminals can steal your personal information by exploiting weaknesses in applications. Turn automatic updates on for mobile or tablet devices. Review your devices software update settings to ensure that this is enabled and that you have the latest device software installed.