Australians are taking drastic measures to get back their hacked social media accounts. ·Yahoo Finance Australia/Adobe
Aussies are hiring companies to go head-to-head with hackers to "hack back" their stolen social media accounts. Facebook and Instagram accounts are being taken over by scammers "within seconds" and victims are paying hundreds of dollars to claw them back.
Sydney woman Annie Kim recently paid SafetyNet Cyber Security $479 to help recover her Facebook and Instagram accounts after they were hacked. The Brisbane-based company told Yahoo Finance there's been a huge increase in demand for their services.
“We receive upward of 100 enquiries a week from people who have been hacked on Facebook or Instagram. It’s really becoming a problem,” cybersecurity expert Nick Guy said.
Kim explained how the hackers managed to retrieve her accounts, and why it was so important to her.
“The main thing for me was that I had messages from loved ones that had passed away on that account. Those things you can’t get back,” she told Yahoo Finance.
Kim had been messaging a friend on Facebook, who she later found out had been hacked.
Her supposed friend mentioned they were starting up a dance clothing line and asked if she could like the Instagram page.
Annie Kim's Instagram and Facebook accounts were hacked after she clicked on a fake link. ·Source: Supplied/Getty
Have you fallen victim to a scam? Contact tamika.seeto@yahooinc.com
They sent over a link and claimed she might have to log into her account again because the clothing website was a bit funny.
“That was my first red flag but when I clicked the link, it looked like a normal login Instagram page and didn’t look dodgy,” she said.
Kim said she entered her login details and "within seconds" found herself locked out of her account.
“I tried logging back in but they had attached their mobile number to the 2FA, the two-step authentication, and I knew immediately what had happened,” she said.
‘Hacking back and forth’ with scammers
Guy said SafetyNet Cyber Security used “a number of methods” to get people’s social media accounts back, which he was unable to disclose for intellectual property reasons.
“Often we find ourselves in situations where we are hacking back and forth until we can lock them out. These methods have been refined over time and experience,” he said.
With their help, Kim was able to get her Facebook account back within a week while her Instagram account took about a month to recover.
“It wasn’t until a few days ago that we had a breakthrough,” Kim shared.
“I finally got an email from Instagram with a 24-hour link … basically you have one minute to do seven different things to lock the hacker out. So it is very stressful.”
Kim said she allowed SafetyNet Cyber Security to access her computer and they were able to quickly change her password, change certain codes, remove the hacker’s devices from her accounts, and attach her real mobile to the two-factor authentication and boot out the hacker.
“When you are hacking the hacker, you want to feel some sort of safety and trust in the person who is doing this and I definitely don’t think I could have done it on my own. It was way too stressful and overwhelming,” Kim said.
Guy said he was often "hacking back and forth" with scammers to try and get back people's social media accounts. ·Source: Supplied
Hackers ‘increasingly sophisticated’
Aussies lost a total of $2.7 billion to scams last year, with phishing scams - where fraudsters trick you into handing over your personal information - accounting for $137.4 million in losses.
Guy said online scams were becoming “increasingly sophisticated” and were often “tricky to spot”. Like Kim's case, hackers will often lure people into clicking on fake login links and entering their social media or email credentials.
“These criminal gangs typically come from West Africa or South east Asia and they make a phenomenal amount of money by scamming victims,” Guy explained.
Hackers can also gain access to people’s accounts if their email and password has been included in a data breach.
In Kim’s case, she said the hacker had been clever enough to match her friend’s tone of voice so she initially didn’t twig that something was off.
“I thought I knew the signs of what to look for when someone is trying to hack or scam you,” she said.
“Usually they are rushing you to do something, there are spelling errors or there is a standard copy and paste message they send to everyone.
“But the tone of voice is what really caught me off guard. This hacker had taken the time to read our messages to genuinely sound like her so that’s the really scary part.”
What can hackers do with your social media accounts?
Once hackers have access to your social media, Guy said they will often change your recovery email, recovery number and enable two-factor authentication with these new details. Then they will start targeting the hacked person’s social media friends.
“They will block the real owner of the account, go through messenger and run an appropriate scam based on the demographics of their friends,” Guy said.
“If hackers have gotten access to emails, things get much more serious depending on what information has been sent over that email platform.”
Guy said it was common for information like loan applications, mortgage details, bank card numbers, passports and driver's licences to end up in the hands of identity thieves.
He recommended people who have been hacked contact a professional immediately.
