Site icon IT World Canada

How a Halifax cafe endured a Facebook page hi-jacking

Halifax’s Humani-T Cafe had its Facebook page revived this week after a lengthy take-over of the site during which the vegan restaurant suffered the indignity of having an attacker place odd videos of a half-naked person eating steak.

Now company co-owner Kiyan Sobhani has to begin rebuilding the hundreds of thousands of followers he said the page had before it was taken over.

For Sobhani there are two questions: How was the page hacked, and why did it take Facebook so long to help him?

Restored cafe page

The episode began Feb. 14 when Sobhani tried to upgrade the cafe’s standard Facebook account to Facebook Business. A Business account helps firms create and track ads as well as leverage sister platforms Instagram and Facebook Messenger.

“I have multiple pages and I wanted to organize them all,” said Sobhani, who figures he’s spent $100,000 over nine years on Facebook ads.

He’s almost certain he typed the right address for Facebook Business into his browser to enroll, but the next day realized he’d lost the ability to post. The account had been taken over either by a hacker or someone who had created a fake Facebook Business site and captured his login credentials.

“They demoted me and my entire family, who are the admins of the page, to analyst, which means we can only view the page and not do anything else. And they removed me as admin altogether.”

The videos the hacker posted were odd: Construction videos, a barbershop video, and the woman eating a steak.

Sobhani said he and members of the family who had admin access were using two-factor authentication to protect against a credential hack. However, that wouldn’t be a defence if the attacker changed the password and the second factor after they got access.

Fortunately, Sobhani was able to post to the cafe’s page from their Instagram account to explain the situation to readers. In retaliation, the attacker changed a setting to hide the page from public view.

The attacker made no demands, Sobhani said, nor responded to any attempt to communicate other than to demand the family stop posting from Instagram.

One message read: “Now it’s our property. Now no one can take it back. You must know this. Now you have two options: Cooperation on both sides is beneficial. You do your job. I do my job. If you do not cooperate I will delete Fanpage permanently.”

No phone number

Sobhani quickly tried to speak to a Facebook official and found no phone number on its sites.

“It’s an impossible task, because if you want to contact them you, you have to go through this entire process of finding [online] help topics, which are of no help at all. And then you’re out of options. There’s no contact options. The only way we were able to contact them was through Ad Manager. And when we contacted them they responded with something generic that had nothing to do with our request. And then they closed the case. They have no phone number, they have no customer service. They don’t seem to care.”

Through a friend who knew a Facebook staffer there was an instruction to send a new email address for communications, but Sobhani felt there not enough to help to quickly take back control of the cafe’s account.

IT World Canada came across the site and his pleas for help and on Feb. 20 put him in touch with Facebook Canada spokesperson David Troya-Alvarez. That, Sobhani said, got things rolling faster. Troya-Alvarez made it clear to him that Facebook needed a new contact email from the cafe page’s original administrator. In addition, Facebook also needed a notarized letter from the cafe verifying the original ownership of the person managing the cafe’s page and an explanation of why the platform had to revert control to him.

From Sobhani’s side that took until March 5 to complete and send.

Control back

Around 10 days later he had control of the page back. However, due to a configuration problem which Troya-Alvarez helped figure out, it took until Tuesday of this week to get the page visible again.

Meanwhile, the profile of the person who took over the site is no longer available on Facebook.

Facebook suspects somehow Sobhani went to and logged into a fake Business page and was the victim of phishing. It was not, the company believes, a hack of its own page.

“It was a legitimate site,” Sobhani first insisted. However, he added, “it’s not impossible” he went to a fake site. “I don’t have it in my browser history to check out. I can’t definitely rule that out.”

What frustrates him is the time it took Facebook to help him regain control of the account. After sending the notarized letter, for example, it took a week for the platform to get back to him.

No Facebook response

IT World Canada made phone calls and sent several emails to Troya-Alvarez on Thursday to get an explanation of how control over the page was lost and why things in this case took so long. We received no response.

In an earlier email, Troya-Alvarez referred us to a Facebook page with advice on how to keep accounts safe. These include enabling two-factor authentication and watching for suspicious links.

To help restore a hacked account, Facebook suggests a friend be listed as a trusted contact. That person will be able to send you a recovery code with a URL.

Facebook also has this help page: facebook.com/hacked and a Help Centre.

“The only good thing that came out of it was we got a lot of PR from this … local people on Twitter sharing it, getting in touch with us, saying they support us. That was positive. I don’t think it offset the frustration.

On the other hand “a lot of people unliked our page, because they didn’t want to see what the hacker was posting, I don’t know if we’ll get them back.”

One bright spot: Return of page control came in time for the cafe’s annual April 13 fundraiser for Mental Health Foundation of Nova Scotia.

Will he try again to enroll in Facebook Business? “I haven’t dared go back to it yet.”

Exit mobile version