Spoke with customer support yesterday, they told me in order to verifying was the actual owner of my Facebook account I would have to purchase 2 $25 google play gift cards to verify my location because my account was hacked your someone in Nigeria, changed email, phone and password so I cannot access my account or request codes to reset password. After I gave him the google numbers he said the session was timed out so I need to buy additional gift cards because I cannot open a new case with the numbers from the cards I had already given. If there was not a language barrier it would have been a lot easier to communicate. Now I am out $50 and I am still not able to access my account. I am very disappointed with the fact that Facebook has you purchase $50 worth of google play gift cards for no reason whatsoever, once the access codes are given there is no way for me to use the $25 gift cards. Especially because I was hacked in the first place. Ask me any of my personal information or previous posts and I can give you that info. Don’t make me feel more insecure about the person in Nigeria having all of my info, places I’ve checked in, pictures of my kids and other personal info about me.
Facebook – being asked to purchase $502/$25 Google Play gift cards by customer support to unlock the account
facebookprivacy
Related Solutions
tl;dr: click continue at to reset my password from a device I recently used to sign in
and answer the not-very-secure questions presented to you, they will send you a mail.
long version
After reading this answer by icantchooseoneRising:
icantchooseoneRising Nov 2 with there being around 450 million gmail users , there is no number to call if you use free gmail nor any direct email or other type of tech support - its simply not possible
You can only reset your password by one of these methods:
Having email sent to a recovery email address that you have registered in your account
Having a code sent to the mobile number you have registered in your account
For some accounts, answering a security question.
filling in the recovery form
for 1 2 3 click here
select I forgot my password
for 4
Start here - www.google.com/accounts/recovery
Choose "I forgot my password"
Enter the account name that you are trying to recover
Solve the Captcha if one is offered to you
Choose "Verify your Identity"
Complete and submit the form
for more info See the following article about how to recover a lost or compromised account: http://gmailaccountrecovery.blogspot.com/
I've decided to try and click continue on to reset my password from a device I recently used to sign in
, well, I've used my computer...
to my surprise it asked me to enter the last password you remember
then it asked to Enter an email address where we can contact you
- note that it didn't ask what is my 'recovery email address' (neither it should, based on my username they should know already), nor even my username...
After that it asked me again what was my last password, the date when the last tiem I could log in (today..), and the date when I registered my account (ages ago...).
I don't know what to think but it sent the recovery email to the address I've given.
I was able to recover my account.
On the first login, it tried to trick me again into giving my email address, but there was a "cancel" button...
Now I wonder if it didn't enter to this form the same address that is my recovery email address, would it still send the help email? Because then I think it is very insecure.
The reason why they don't allow me to log in with my password should be that someone else may be knowing my last password. So they can enter it too.
They ask for an other email address, not my username nor my recovery email address. If I could give any address here, then the remaining questions are the last time I could use my account, which is not very hard to guess if someone is an attacker; and when did I register. This one can be tricky, but really, there are not many combinations. With a little inspection, information and luck, one could make an educated guess.
So it seems what actually protects my account the strongest is my last password - the very thing that Google wants me to change. But until I change that, it seems that it may allow anyone with a random email address to take over my account, if [s]he can guess the time I've registered?!
You used Facebook invite via email feature sometime in the past and you probably don't remember his email being part of that invite list.
You can check your invited contacts here https://www.facebook.com/invite_history.php
And choose to remove it here https://www.facebook.com/contact_importer/remove_uploads.php
Best Answer
Simple answer because you are getting scammed. They wanted $25 of android credit and then wanted to try again. Assuming that "google numbers" means the number hidden under the scratch-off foil.
Start distrusting. Do not trust your smartphone, computer, anyone you did not contact directly and most of all do not trust the internet. It is basically the 21st century wild-west. This is not really the place but you need to get it together fast.
Using a third-party (as in not owned by you or used in the same property as you) computer ask google for facebooks contact details and tell them what has happened. The reason for not using your computer is that if your computer or smartphone is directly compromised (hacked) then it is trivial to make it look like you are visiting the genuine fb site or even google but with say contact numbers changed to ones they control.
If you reuse passwords then you need to secure your digital banking / financial services ASAP by getting in contact with them and that goes for email accounts too as if your password is re-used and compromised then they can simply perform password resets for any web accounts linked to that email.
From a security point of view, applicable to all web users, this statement is terrifying. Distrust, distrust, distrust.