Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

Facebook Account Hijacked? Now Selling Air Jordans? Then You’re a Shoe-in for “The Facebook Follies”

By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.

Okay, before jumping into this piece feet first, we have to straighten out who “the Haggler” is. That’s because the Haggler is the go-between for the hijackee, one Mr. Samuel Reed of Philadelphia, and Facebook, the site where Mr. Reed was hijacked.

Now, normally, we’d follow Shakespeare’s admonition “What’s in a name” and couldn’t be bothered haggling with anybody over the Haggler’s identity. However, if we didn’t identify him, this blog could get as confusing as some of Facebook’s solutions for people who’ve been hacked.

Right off the bat we were able to say who the Haggler isn’t. He is not former middleweight champ Marvelous Marvin Hagler. Unfortunately, while our online “Haggler search” provided lots of clues as to who he is, there was no smoking gun. Fortunately, however, all the clues pointed to a flock of David Segal’s columns in The New York Times wherein Mr. Segal takes questions from readers, does research and provides answers to those readers; a consumer advocate kind of column.

So why, you may well ask, does Segal use the “nom de helpdesk” the Haggler? Possibilities include that he enjoys writing about himself in the third person. Or that he thinks of himself as a kind of Clark Kent to his Superman Haggler alter ego. The third possibility, and the one we favor, is that we don’t know why.

Anyway… David Segal, and we’re assuming the Haggler, received the following question from a reader.

In mid-April, my Facebook profile was hijacked. I could not sign into my account, and someone started posting photographs of sneakers on my home page, along with comments — mine, it seemed, to anyone who visited — like “Nike Air Jordan super sale, 75 percent off!” Soon after, my friends were getting messages urging them to buy sneakers.

I followed all of Facebook’s suggestions for reporting the abuse and had my friends report that someone was pretending to be me, to no avail. Just as bad, getting someone at the company to help proved impossible.

I have close to 2,000 Facebook friends and do not want to start from scratch creating a new profile and page. I understand that I signed off on Facebook’s terms of service, but it seems as if the world’s largest social network ought to handle a problem like this a lot more efficiently.

Can you help?

Samuel Reed

Before taking up how to close down Reed’s Discount Shoes, David Segal, or it might’ve been the Haggler, analyzed what the scamming spammer was up to. Offered Segal, “The idea, apparently (was) to fool the Facebook friends of Mr. Reed — a public-school teacher and a grandfather — into thinking that he had suddenly become a sneaker freak. And not just any sneaker freak, but one with links to an e-commerce site, which sells merchandise at discounts.

“Regardless of who was behind this hijacking … it is hard to imagine that as a sales strategy, this one is very effective. But a lot of spammers try variations on this theme, as any Internet search will show.”

Fred Wolens, a spokesperson for Facebook, told Segal that each day the company stopped about 600,000 attempts to hack into users’ accounts. He suggested Reed’s account might’ve been phished when Reed entered his account information onto another website.

However Reed was hacked, he faced the task of putting things right. Actually, we should’ve said Reed faced the daunting task of putting things right. Let Mr. Segal explain.

Facebook has a page about how to avoid phishing. It also has a page about what to do if you’re locked out of your own account, but the Haggler strongly recommends that you avoid this page unless you have actually been hacked, particularly if you are a Facebook user who is logged in. The site assumes that you’ve been attacked, and unless you hit “cancel” — one of two options you’ll have — you will be forced to change your password and security question. And you’ll learn very little about the hacking problem.

Mr. Reed got to know the hack page quite well, and he says he followed all instructions posted there. None worked, he said, and all he got from Facebook were some unhelpful automated e-mails. So the Haggler contacted Facebook and quickly heard back from Mr. Wolens. He said it would reach out to Mr. Reed through its User Ops team, which the Haggler likes to think is made up of men and women in Ninja costumes, saluting one another in a darkened room.

Soon after, a User Ops member sent an e-mail to Mr. Reed, asking him to e-mail a photocopy of a government identification card, like a driver’s license. Which Mr. Reed did. It would be nice to report that a speedy resolution followed, but for some reason, Facebook asked Mr. Reed to gain entry to his account using an e-mail address that wasn’t his. The Haggler conveyed this to Mr. Wolens, and not long afterward, Mr. Reed was back in his account, with instructions on how to delete all those sneaker ads.

How did Facebook perform through all this? Better than its shares! (The Haggler can’t resist a cheap joke at the expense of billionaires. It’s a weakness.) 

Doubtless Mr. Segal shares the Haggler’s sense of humor with anybody who didn’t buy Facebook shares at the IPO.

Mr. Segal and/or the Haggler continues:

Actually, it’s surprisingly hard to pin down exactly how much of Mr. Reed’s travails can be pinned on Facebook, because it is surprisingly hard to figure out what happened here. Mr. Wolens says Mr. Reed initially sent a message to Facebook through a queue that wasn’t in use anymore — in a “deprecated” queue, in the company’s parlance. But Mr. Wolens also said that Mr. Reed, after writing to that queue, was forwarded to the company’s standard help page. This is a confounding detail, and the Haggler is leaving out several others, mostly because they are very boring.

Suffice it to say, Facebook is obliged to make its system safe, but it’s hard to imagine how it can respond in some personal way to the woes of individual users. That said, the Haggler had to laugh when Mr. Wolens said that Facebook believes that its users prefer “self-remediation” — basically, online solutions they find without help — to dealing with Facebook employees.

After a few attempts at self-remediation, the Haggler thinks most people would prefer speaking to a human.

Incidentally, care to guess what Samuel Reed teaches? Right. “How to deal with social media.”
