If you’re on this page, you’re most likely tearing your hair out (if you have any left) and are going through the unpleasant experience of having your Facebook Ads Manager account hacked…..
Before you panic too much….. our Keller team has gone through this and the hackers managed to rack up a hefty Facebook advertising bill totalling almost $6000!
This felt like a punch in the gut from Chuck Norris himself.
It all began unfolding when I checked our business bank account and noticed that it looked significantly lower… I clicked on the transaction details and the first thing I noticed was a $1480 transaction from Facebook Ads (fb.me/ads).
Alarm bells went off.
My initial thoughts were that perhaps Facebook overcharged us for the ads we currently had running. I was wrong… I then noticed another two transactions, both for $987, each on the same day.
I almost spat out my coffee.
I then noticed a string of transactions from the previous 3 days all charged from Facebook Ads and I realised that we had been taken for a serious ride.
But something didn’t add up! I had been monitoring our Facebook Ads account over the past few days and didn’t notice anything unusual or see any ads that were outside of our normal clientele.
Maybe someone had stolen our card information and somehow made the transaction information look like it was coming from Facebook?
I called the bank and cancelled our card. The bank explained that they would get their fraud team on the case pronto like MacGyver and I should hear back with some news 8-10 business days later.
Pronto…? The hackers could be enjoying an all expenses paid for holiday and sipping on cocktails 8-10 business days later!
I checked my Facebook account again to make sure that there was nothing unusual and again, there was nothing there. But then it struck me! We have a secondary Facebook Ads Manager account that we only used during the early stages of our business! I quickly tried to login and fumbled around with a few passwords and eventually logged in.
My heart sunk.
The hackers had created an alias page of our business, turned notifications off and setup an abundance of ads with daily budgets of $1000 selling household items like printers and ironing boards for only 1 cent each! Not a bad deal if you ask me! I investigated a little further and noticed that people were actually purchasing from these ads and therefore handing over their credit card details to the hackers…. what a mess! Not to mention, people now think our business has been scamming people!
How to resolve it.
Action 1: Remove the ad and kick the hackers out!
The first thing that we did and the first thing that you need to do is deactivate the ad and change your password! Someone has managed to wangle your login details and now they have your password so this needs to be changed ASAP!
Action 2: Get in touch with Facebook.
But how do you do that? Getting in touch with someone at Facebook isn’t exactly the easiest thing to do.
Let’s face it, sometimes you just want to be able to call up and speak to a human who can reassure you that they can help. This is not going to happen.
You need to report a hacked ads account and hope that they will view your report and then respond to it.
We submitted our case through this form here and provided as much information as possible. I suggest that you do the same thing! Don’t skimp out on any information. Provide your ad account, the hacked ads, the reference numbers of those ads and the total money that you are out of pocket. Make it as easy as possible for Facebook to resolve it.
We submitted our enquiry and they suggested that they would get in touch within a business day or so with some more information.
I woke up the next day (with little sleep) not expecting to hear anything back from Facebook just yet. Never the less, I was eager to see if there was any news so I attempted to login to Facebook but I was confronted with a message saying that my account had been frozen and that I’d need to answer a series of security questions to unfreeze the account.
Upon doing so, I was notified with a message saying that Facebook has responded to my request!
Well, to Facebook’s credit they actually responded to our enquiry within 1 business day and said that our account had “indeed been compromised” and that they will provide a full refund and clear any outstanding invoices that had been created from the hackers activity!
The money was back in our account within two days. Case closed. Boom.
We were pleasantly surprised by the customer service of Facebook and we can honestly say that Facebook took care of us exceptionally well!
Faith restored in Facebook!
Preventing it from happening again.
Since the hacking occurred, we have added extra security to ensure that it does not happen again!
We have now setup two factor authenticator and get notified every time someone attempts to login in from a different device.
If this has happened to you, or even if it has not happened, I would strongly urge you to add extra levels of security to your Ads Manager Account to prevent this nightmare ever happening from you!