The order of events

12/16/09

Maybe this is good news in disguise.

At 3:08 PM somebody broke into my FaceBook account and changed the password. (I know the exact time because they send out an automated email when your password is changed.) I’m still not sure how this happened… I suppose it’s possible I fell for a phishing attempt, but I usually just stay logged in and don’t remember entering my password anytime recently. So this part is still a bit of a mystery.

At 3:11 PM, three whole minutes later, I got the first of many emails from friends, warning me I’d been hacked: whoever was in my account was using the chat system to ask them for money, using a not-very-plausible story of me being stranded in London after a robbery. (These guys type quickly; in the 30 or so minutes that they have control of the account they manage to chat with at least a half dozen people.)

I was offline for most of this — I’ve got a pretty bad cold, so wasn’t working that day — but happened to sit down at the computer a bit later and discovered what was going on. The automated “your password has been changed” email includes a link you can follow if you weren’t the one who changed it, which allows you to reset the password. (Inexplicably, the hackers had not changed the email address associated with the account; if they had done so, I have no idea how I’d ever get back in again: all of FaceBook’s security procedures require you to email them from the address associated with the account.)

By 3:45 PM I had regained control of my FaceBook account, changed the password, posted an apology to everyone who might’ve been contacted by the scammer, and for good measure also changed the password on my email account, my webserver, and every other online service I use. While I was at it, I added a ‘security question’ to my FaceBook account — this is one of those “what’s your mother’s maiden name” things, which I hadn’t ever bothered to set up before.

So, bit of a panic there for a bit, but problem solved.

At 8:56 PM the FaceBook security team swung into action and suspended my account: “Our systems indicate that your FaceBook account has been compromised by cybercriminals attempting to impersonate you.”

Their instructions were to reply to their email with the answer to my security question — which, note, didn’t exist until after the break-in, anyway — and then to “closely follow the instructions provided in our follow up email”. I did this.

24 hours pass, no follow up email.

So I do it again.

Still no response.

And now when I try to log in, I get redirected to a page which tells me “Your account was disabled because you violated FaceBook’s Statement of Rights and Responsibilities, to which you agreed when you first registered for an account on the site.”

Hmm.

So, if you were wondering, that’s why I’m not on FaceBook anymore. I suppose if they ever do get back to me, I’ll start using the site again — there are a few people for whom it was a handy way to keep in touch — but for the most part I can do without the time sink.