We don't often think about someone hacking or hijacking our Facebook Ad Account. But it happened to one of my clients.
I had a frantic call from my client late one evening and someone was running ads in her Facebook Ad Manager and she received a notification from PayPal with a charge for an Ad from Facebook that she wasn't running.
We were checking to see what was happening. The client, her assistant and I were all on the call seeing an Ad Campaign in her Facebook account for an ad that she didn't create or know anything about. It was for a totally unrelated product from her business.
When she tried to stop the Ad, Facebook would not allow it since Facebook said she did not create the Ad. We checked to see who created the Ad and it showed that she did - so this added more mystery to the whole ordeal. We also could not remove the payment source because there was an active Ad running.
While we were frantically searching for a way to contact Facebook to stop the Ad, the client was getting more notifications from PayPal for new charges from the Facebook Ad.
Since it was virtually impossible to get assistance from Facebook to stop the Ad, I recommended she contact the bank immediately to stop the payment source for Facebook, which was PayPal and alert them to the fraud taking place. Fortunately for my client, because she alerted the bank of the fraud, she was not liable for the charges that had gone through.
The next course of action was to go into PayPal and delete Facebook from the preapproved payments schedule. The client also changed her Facebook Password.
I also recommend that the payment source within Facebook be removed and only put in your credit card (or PayPal, etc) when you are running an Ad. Once your Ad is completed you should remove the payment source in Facebook.
It was a huge wake-up call for my own Facebook Ad Manager Account. I too removed my PayPal payment source from Facebook. I removed Facebook from my preapproved payment schedule in PayPal. I also looked at all of the preapproved payments listed in PayPal and removed some of them that I was not using or needing.
On my PayPal account I set up two-factor authentication so that a text is sent to my phone when logging in as an added level of security.
We need to realize that if we have authorized automatic payments using PayPal as the payment method, the various companies we authorized could be a potential liability if they were to get hacked.
Hoping your accounts are secure from these hacked/hijacked nightmares.
To Success!
Kathy Perry
813-789-9580
Taking the Eek! out of Geek and