I fell a victim to a cybercrime that never happened
Content
By sharing what went wrong, our technicians made me think that it’s actually not a bad idea and I have something to share too.
I think I’ll dig out more situations over time, but today I’d start with a traditional one – someone hacks into your Facebook account. Except this hack wasn’t traditional at all.
How did the problem start?
I’ll take a little detour. It started somewhere else entirely. Suddenly, we found out in the company that we had launched an advertising campaign in Google Ads which had been suspended a long time ago. We searched and searched what happened and took the necessary measures.
But the attackers have struck again, this time on Facebook. Suddenly I got an email from Meta Business Suite that my ad was approved. However, I did not approve any advertisement. When I opened the email, I saw that the ad was for a company I have nothing to do with. Additionally, it was created within an advertising account that we no longer use.
The search has begun. I immediately picked up the phone and called my marketing colleague that the vandals have struck again. She reassured me that she will take care of the ad and turn it off, but that I should contact the techs to help me take additional security measures.
I called the technicians and solved with them the forced intrusion into my account, and my colleague from marketing called me again. Once, twice, three times. Stress built up. It’s already evening, it’s dark, so it’s all even more shrouded in darkness and evil hackers lurking around every corner.
The Big Hacker Caught
Of course, I picked up the phone as soon as I could. After all, I had to ensure safety first. Once she spoke on the other end, a few sentences were all it took to make me laugh.
Of all the horrible scenarios where our ad account was hijacked by evil scammers who want to run ads on fraudulent investment sites, not one has come true. The reality was much, much simpler.
Before I tell you what my colleague actually told me, I will tell you two points that indicated from the beginning that this was probably not a scam.
First of all, the ads that were launched were just promotions of big discounts in one store. This doesn’t quite scream a fraudulent investment scheme, such as the fraudulent offerings of large stock companies (you can find a great short video on this topic here – only Czech audio). Second, the ads were running under an ad account that hasn’t had its payment information updated for several years, so not a penny would leave without notification.
And now to the few words that my colleague told me. It turned out that our former external advertising specialist still had access to the ad account. Since then, he has been working in another company, namely in the aforementioned store, which launched the discount ads.
If you’ve ever seen what Meta does when you enter an ad, you’ve probably already been fooled by the fact that after setting all the parameters, you didn’t pay attention to the most important one – from which ad account the ad is running.
This is exactly what happened to our former specialist, and he accidentally started advertising with us. Even a master carpenter gets cut sometimes.
What Were My Lessons Learnt?
It is certain that not all errors on the Internet can be attributed to evil hackers and thieves who want to steal money from innocent people. Sometimes there is simply a mistake and a misunderstanding that can be explained much more simply.
It can also be seen how important it is to check the relevance of the data and who has access to what. And also, if such an advertising account is still needed, when no one has used it for several years and we know that it will not be used.
Have you ever been the victim of a crime that never happened?
