I recently learned some hard lessons.
One afternoon in mid-April, I got an email from Facebook saying somebody had requested a password reset for my Facebook account. But that person wasn’t me. I was being hacked.
Once I realized what was going on, I took action right away. I clicked the “this wasn’t me” link at the bottom of the email. I changed my password and reported the hack through Facebook’s security center. But my efforts weren’t enough — somehow the hackers managed to change all the contact info and lock me out of the account.
So I tried going through Facebook’s help center to report the hack. But instead of helping me undo the damage and restore my access, Facebook’s bots disabled my account permanently. They say there is no appeal. I’m done.
I had done everything right. I had a fresh password. I had two-factor authentication enabled. I reported the hack as soon as I saw it. None of it mattered. The hackers got in anyway, and Facebook ignored all my cries for help.
And of course, there’s no way to get in touch with a human for service. I tried every method I could find online for reaching out. Nobody ever responded.
So what have I learned from this frustrating experience? The first lesson is that anything you have online is vulnerable to attack. If it’s a service you pay for, like your web hosting, email service or CRM system, your vendor probably provides some protection from attacks, as well as a support team to help you fix anything hackers may break. But if it’s a free service, and especially a social media platform, you’re on your own.
A related lesson: Facebook (and its parent company Meta) doesn’t really care about you. They won’t step in and help you through issues. They won’t even have a live human look at your case. You’re just a number to them. Even if you advertise on their platform, they’re not likely to intervene when trouble strikes.
This can be problematic for tourism entrepreneurs who rely on social media to run their businesses. Hacks happen to hundreds or thousands of people every day. So a third lesson is to make sure other people can manage your brand pages on social media in case your account gets hacked. I’m fortunate that our whole team here at The Group Travel Leader has administrator access to our Facebook pages, so my misadventures won’t affect our reach. I hate to think what would happen to a web-based solopreneur who lost control of their own brand online.
My final lesson from all this is that no company should put all its eggs in the social media basket. Even if Facebook, Instagram or TikTok are important parts of your marketing and communications strategy, you should be incentivizing followers to sign up for your email list. And your ultimate aim should be to develop the kinds of offline relationships that can lead to sales.
As for me, I have decided to live without a Facebook account, at least for the time being. Maybe one day I’ll start another one. Or maybe I’ll find that life is better without an online image to curate and constant notifications to manage.
Perhaps that will be the most important lesson of all.