I opened the Facebook app, which was already logged out at that time, and went on to reset my password. I used to have several options for resetting my password on Facebook, but now there was only one, and it was to send a link to the email address alanisko@alanisko.net.
Now, the story is:
I used to own the domain alanisko.net a long time ago, for a few years, before I switched to the current one, alanisko.co.uk.
As it turned out, I also used the email address alanisko@alanisko.net back then, and I probably used that email to register for a Facebook account back in June 2004. Yes, 17 years ago.
Obviously, I had changed my email address a few times during those years, and I always updated my Facebook recovery options with my current email and current phone number. Probably for nostalgic reasons, or because I just forgot to remove alanisko@alanisko.net, I left it there among the other, more recent recovery options. It was stupid, I know now.
Unfortunately, as of now, all my more recent recovery options were gone, and the only way to recover my Facebook account was to send a recovery email to the email address that I don’t have access to anymore.
My second option, if I couldn’t access the recovery email, was to create a new Facebook account... no support chat or email, just a simple message that we are sorry... after 17 years of feeding that network with content.
So that is it… that is the end.
As I couldn’t recover access to my account, I started to think about why, and why on earth someone would hack my personal Facebook account. It didn’t make sense at first. Why were all my other recovery options deleted, and why was the only one left the one I couldn’t access anymore?
Why
I didn’t think that my personal Facebook account, with my around 800+ friends, was something that someone would be interested in hacking.
Then I thought that maybe someone was trying to get through Facebook to my Instagram account, which may be a better deal with currently 72k followers. So I went to the Instagram app and changed my password there just in case. I already had two-factor authentication turned on on Instagram.
Then I went back to the Facebook app and tried to block my account, and I hoped that I had managed to do it and that neither I nor the attacker would have access anymore. I have also been using Login with FB on many web pages and services, probably hundreds of them, since Facebook introduced that feature, and that made me worry a lot too. Attackers could try to access other things too.
How
When I started to think about how they did it, I already knew that someone had changed my password and removed all my recovery emails except the one I had no access to anymore. I was sure that I had not clicked on any links or suspicious messages etc. 100%. It was really strange that the attackers had not removed my alanisko.net recovery email, as they usually do in cases like this, and replaced it with some fake one.
So I went to Whois.com to check if and when the alanisko.net domain was registered, and I knew I was on the right track when I saw that it was purchased that day through godaddy.com. It was a direct attack on me for sure. I was GoDaddy’s customer and still use their services for some of my domains these days. I went on their support chat and tried to explain what had happened. The support lady was nice and seemed to understand that it certainly was a hack; however, she told me I needed to send an email to a certain email address and they would get back to me within 72 hours. I didn’t have many options, so I emailed the whole story to the email address provided.