It started with a harmless email – one that Cassidy Anderson had begun to ignore.
“I was going to fire him and then I thought no, I didn’t sign in from a new place,” he said.
The fact that the fraudulent login was located in California further increased Ms. Anderson’s suspicions.
He responded to Facebook and reported that he was not the one who logged into the Facebook page.
The hackers had already hacked into his account, changing the birthdate and email address linked to his page.
Locked out, Ms. Anderson watched as her profile name was awkwardly changed to “Mumbai Davil”.
Hackers, who took control of Ms. Anderson’s personal Facebook page, moved on to the Facebook fan site, which has 183,000 followers.
They filled the page with viral videos.
With no way to access her job page, Ms. Anderson was able to watch hackers post a steady stream of random clips showing animals, babies, and clever tricks for days.
“These attacks are very common,” said Trevor Long, a technology and cybersecurity expert.
“hackers use high-profile pages to host high-engagement content.
“They can then use this interaction to ‘boost’ or push other posts that potentially scam them to get their hands on victims’ personal information.”
Ms Anderson said it was “absolutely heartbreaking” to lose her Facebook fan page to hackers.
“This page is everything to me. It’s my biggest platform and how people find me,” he said.
“I have a good following in everything except Facebook, which I’ve been working on for 10 years.”
Ms Anderson said she was also afraid to think about any personal information she might have shared in direct messages, such as her Victorian home address.
He also had to take steps to change his PayPal account and notify his bank.
“This is very infringing,” he said.
“It’s like having your house robbed. You run around thinking about what’s missing in your house.”
Anderson said it was also frustrating to contact Facebook’s customer service team to get his account back.
With a deep knowledge of Facebook’s processes, hackers have always looked one step ahead, for example, by removing his profile picture so he couldn’t use a photo to identify himself.
“I’ve had no success contacting Facebook or finding a way to reach them directly,” Anderson said.
“For people like me who monetize our Facebook views, we would have some kind of contact link given to us by Facebook so that we can contact them when our business is in jeopardy.”
Mr Long said it may not work in all situations, but there are some steps people can take to protect their accounts from hackers.
“The sad thing is that for many there is nothing you can do after this incident,” he said.
“It’s all about protecting your page while you have it.
“To do this, it is very important that your personal Facebook profile is protected with two-factor authentication. This makes it difficult to hack your account and therefore access your page.
“Second, add other trusted users to your page. So if you get hacked, those other users can recover access and hopefully kick the hackers out.
“Facebook is a full time job, hackers don’t make it easy for businesses.”
Nine.com.au contacted Facebook for comment.
A spokesperson confirmed that they are investigating Ms. Anderson’s case.
Contact reporter Emily McPherson at email@example.com.