
Ask HN: My mother and her friends keep getting hacked on Facebook - throwawayfbsec
Hello,
I keep facing this situation in which my mother (60s) and her friends (approx. same age) keep getting hacked on Facebook.

The attacker somehow enters their account and sends messages to random people telling a long story about being in debt and asking for money (not a large sum, something like 500 US dollars (I am from Brazil)). My mother and her friends do not transfer the money of course because they know each other, but somewhat distant friends do. In fact I am quite happy/surprised about how people can be this helpful/naive.

They are quite oblivious about technology as a whole and use Facebook/Instagram etc. just like WhatsApp, for messaging. I've run the obvious measures (changing passwords, locking content etc.) and taught them the basics about how the www works and security etc. But not only does the hacking continue (even with new passwords and 2FA) but now it is appearing in a new form: they simply clone the profile with public photo and name and start a new conversation. It is even worse on Instagram since: 1 - they don't usually message there so there is no older conversation not appearing 2 - there is not the concept of friends, just followers.

I've gone to the police multiple times by now, since they cannot explain to the officers what is happening. Using the bank account provided by the hacker they found some guys, but apparently these guys were hacked too and the hacker(s) is(are) using their account as a proxy.

I don't know what to do, really. I am a techie (CS MS, 10+ years of experience, worked in several areas, including networks) but I am feeling powerless. Every 2 weeks something happens over the realm of Facebook/Instagram.

What can I do?
======
myworkhandle
Sounds like their computers are compromised.... key loggers, malware maybe??

How are the bad actors getting the 2FA code? Are the phones hacked too? Are
the phones on a rogue tower? Why is someone spending time messing with old
ladies? There has to be a reason why they are a target for someone to spend
this much energy.. Good luck!

~~~
throwawayfbsec
>Are the phones hacked too?

Possibly! My mother uses an iPhone (5 I think); the others I don't really
remember.

>Are the phones on a rogue tower?

Never thought about it! How can I check? Wireshark?

>Why is someone spending time messing with old ladies?

Can't tell, they are by no means rich.

------
marketgod
For the second scenario, I always recommend to the people around me, if
someone messages you and doesn't have a lot of the friends you know, then
don't respond. That becomes challenging when the person being asked for help
doesn't know your friends circle. Also, try to call them anyways before you do
something. I.e. message them on WhatsApp or another chat application. It's
similar to the old email scam that used to run asking for help with an email
address which was changed by one word. It was not that prevalent though.

This is really a crazy thing, would love to see what others can come up with.

~~~
henric
if someone messages you and doesn't have a lot of the friends you know, then
don't respond. then don't respond, agree. because it's one way

------
gus_massa
Are they sharing a computer somewhere?

~~~
throwawayfbsec
They were using the work computer to use Facebook, but said that they stopped
doing that once the attacks started. They do not work at the same place but
all are school teachers.

------
bitxbitxbitcoin
They are getting past 2fa though? That complicates things.

~~~
freehunter
It didn't sound to me like the attackers were getting past 2FA, but rather
that they were setting up new accounts with the same profile picture. That
wouldn't require an attack or compromise at all.

Maybe I'm reading it wrong though.

