I report on scams and I still fell for one

I got an email from 'Facebook' and fell for a hacker's scheme

KOIN 6 News anchor/reporter Jennifer Hoff at her desk in the newsroom, October 3, 2014 (KOIN 6 News)
KOIN 6 News anchor/reporter Jennifer Hoff at her desk in the newsroom, October 3, 2014 (KOIN 6 News)

PORTLAND, Ore. (KOIN) — I just got back to my desk after anchoring KOIN 6 News at 6 when an email in my work inbox caught my eye.

I get a lot of emails.

But this one claimed I had violated someone else’s intellectual property rights. And it was from Facebook. Trust me, you pay attention when the world’s largest social media platform accuses you of something.

The original fake email KOIN 6 News anchor Jennifer Hoff got some hackers who stole her professional page, September 2017
The original fake email KOIN 6 News anchor Jennifer Hoff got from some hackers who stole her professional page, September 2017

The email also claimed Facebook would remove my page, which is an integral part of my job. It’s how I hunt for story ideas, connect with viewers and post important information. For nearly 11 years, I’ve worked hard at building my social media presence and the threat of losing it was nerve-wracking.

Thank goodness the email included a link I could click to appeal if I thought it was all a mistake.

It was a mistake, right? I mean, I always give credit where it’s due online – but I’d been sharing a lot of information about the large wildfire in the Columbia River Gorge, burning historic landmarks and threatening our viewer’s homes, that maybe in the midst of all the updates, I shared something incorrectly.

Except it really irked me the email didn’t specify what post was allegedly so violating. So I clicked the link. I answered a few questions; I made my case.

And I also sealed my page’s fate.

The fake version of a Facebook copyright page that hackers sent to KOIN 6 News anchor Jennifer Hoff in September 2017
The fake version of a Facebook copyright page that hackers sent to KOIN 6 News anchor Jennifer Hoff in September 2017

A few hours later, I got a grammatically-incorrect email that worried me enough to change my password. By the next morning, my professional Facebook page had completely disappeared.

I felt sick and lost. But mostly, I felt really stupid. I had never been hacked before.

I spent the next day searching for answers. And surprisingly, there weren’t any helpful ones. My name, birthday and email hadn’t been changed. The hacker didn’t send out random friend requests, posts I didn’t write weren’t showing up.

But I couldn’t reinstate the page.

A real email from Facebook to KOIN 6 News anchor Jennifer Hoff after her page was hacked, September 2017
A real email from Facebook to KOIN 6 News anchor Jennifer Hoff after her page was hacked, September 2017

I sent several messages to Facebook’s support inbox.  I ended up down an internet rabbit hole of message boards and random articles full of advice – but my trust level was at an all-time low.

The emails look similar – except some came from a Gmail account. And others came from something else.

The iconic blue and the Facebook ‘F’ were on the page and the footnote looked identical. Facebook should have also only had access to my personal email, not work.

My personal page wasn’t compromised, neither was the KOIN account I had access to.

It took 4 days, but eventually my Facebook page was partially restored. I am still missing 2 years’ worth of content, but my 3,000 loyal followers are still there. And that’s really all I could ask for.

If it happens to you

I wish I had some magic advice to share in case it happens to you – but in this case especially, it boils down to who you know.

Our Digital Managing Editor emailed someone who emailed someone else who knew someone directly at Facebook. A friend of a friend also directed me to an email only the press can use to reach out to Facebook.

But I am posting the advice a spokesperson recommended to make sure this doesn’t happen to anyone else. Needless to say, I have changed my password several times and also activated the two-factor authentication — and I think you should too.

Take that, hackers.

From Facebook: 

If you think your account has been compromised, we encourage you to visit facebook.com/hacked

If you think your page has been compromised, we encourage you to  File a report.

• Page roles breakdown: https://www.facebook.com/help/289207354498410
• How to add/remove/change roles: https://www.facebook.com/help/187316341316631
• What to do if you’ve lost privileges: https://www.facebook.com/help/256388474444114
• We also have published security tips for small businesses here, which discuss Page admin roles:
https://www.facebook.com/notes/facebook-security/security-tips-for-your-small-business/10153072090085766/

To get out ahead of these types of scenarios, we encourage everyone to increase your account security with our Security Checkup, which helps you set a strong password, manage phones and computers where you’re logged in, and turn on notifications to alert you if anyone logs into your account. You can do the quick Security Checkup by visiting: facebook.com/securitycheckup