I received a security email today from Facebook in response to a password reset request that someone submitted (the email came to me from security@facebookmail.com). I received a simultaneous text message too. If you don’t know, Facebookmail.com is the domain Facebook uses when communicating with users about the security of their account. The email I received included the six digit code that should be used had I been the one who really requested to reset my password. It’s the same type of email I would get if I tried to log in from a different browser than I normally use. I have written a lot about scammers in the past; however this is the first time, I think, I have written about someone attempting to gain access to my Facebook.
As much as many people dislike Facebook, it’s a very popular venue for scammers and hackers. It’s especially popular if you hadn’t used your account in a while. A year ago, when I vacated Facebook for several weeks taking a social media break, I returned to find that someone else was posting messages to my wall, all of which were in another language. Fortunately, my account wasn’t compromised, and it didn’t appear that anybody had gained access to my account during my absence. That’s one thing the scammers and hackers like to do. They gain access to your account, then they send messages to your friends masquerading as you, oftentimes asking for a loan or coaxing them into a fraudulent investment scheme. But that didn’t seem to be the case, and nobody mentioned to me about any odd messages they might have received. But I changed my password anyway just to be safe and initiated two-factor authentication. This was before Facebook required users to activate that security setting.
So, what is two-factor authentication? You should probably already know, since many accounts, whether social, financial, email, and other types of accounts are requiring it. But, according to Facebook’s website, “Two-factor authentication is a security feature that helps protect your Facebook account in addition to your password. [When] you set up two-factor authentication, you’ll be asked to enter a special login code or confirm your login attempt each time [you’re] accessing Facebook from a browser or mobile device [Facebook doesn’t] recognize. You can also get alerts when someone tries logging in from a browser or mobile device [Facebook doesn’t] recognize.”
That’s what happened with me today. Someone tried to gain access to my account, generating the message. This isn’t the first time that has happened, although this is my first time chronicling it. It has happened several times during my tenure on Facebook. The notification email used to indicate where the person was who tried to gain access. The last time the culprit was in Seoul, Korea. The time before that, it was Tamale, Ghana. But this time, that information was omitted, which is odd that Facebook stopped reporting that to users. Even if the person were using a Virtual Private Network (VPN), it would still show a user’s masked location. So, it seems that Facebook is no longer sharing that information.
By way of background, a VPN is a valuable software add-on, that allows users to hide their browsing activity, identity, and location, allowing for greater privacy and autonomy. Anyone seeking a safer, freer, and more secure online experience could benefit from a VPN. Additionally, it can give users access to content online that might otherwise not be available to them. For instance, sometimes when attempting to view an audio or video file, such as on Youtube or Apple Music, for example, I’ll receive an error message that the content I’m trying to access is not available in my country. Changing my location within the VPN can open that additional content. One downside though is some websites block users who are using a VPN. Many sites employ a VPN detector, and they deny users access who are using a VPN. This is due in large measure because scammers like to use a VPN. Blocking VPN users is a tiny step to stop and block the scammers. Some sites that provide adult content might also block users who have a VPN to help identify users in the event they are involved in human trafficking or to validate someone accessing age-restricted material. But most of the sites I have visited operated fine, with no problem. On the rare occasion when I’m blocked, I just turn the VPN off temporarily then turn it back on when I am done. Even if Facebook doesn’t share the location of those attempting to access someone’s account, I hope the company keeps track of it. It could be an important metric to report when determining the source of scammers and hackers.
Anecdotally, people are always saying everything scam related happens in Nigeria and India, and it’s true; much of it does originate from those countries. But many scammers and hackers also are in China, Pakistan, Indonesia, and the Philippines. These six locales are in the top ten. I wish more could be done to address scammers and hackers. At least in the case of Pakistan, Indonesia, and the Philippines, those places have positive, close diplomatic relations with the United States.
There ought to be more of a partnership with those locales so the culprits committing these crimes against US citizens can be held accountable. It ought to be simple. Unfortunately, in many of these places where the scammers operate, the police and the governments are quite corrupt. It wouldn’t surprise me if the scammers give the police “leave me alone” money. The good news is, more of them are prosecuted now than were prosecuted a decade ago. Perhaps in time the long arm of the law will extend to more places and stop all these perpetrators.
You must be logged in to post a comment.