Sheela Lalani is one of many small business owners who depend on social media platforms to generate extra income during the holidays. Her Instagram shop of unique, handcrafted children’s clothing, adorablely fashioned by smiling babies who joyfully twirl in her clothes, has attracted nearly 13,000 followers. She recently launched her own holiday collection, when suddenly any hopes of promoting her new clothes to her followers were suddenly dashed when Meta deleted her Instagram account. They also disabled her personal Facebook account, her Facebook business page, and her new boutique Instagram profile.
Lalani was dismayed, but then the situation got worse. Despite accounts being disabled, the PayPal account that he linked to his social media pages to buy ads to promote his businesses was hit with a $900 charge. He immediately contacted PayPal to dispute the charge, and is still waiting a refund, but he also knew that PayPal intervention wouldn’t solve the bigger problem. Someone had purchased Facebook or Instagram ads with her PayPal account and she felt she had no way to report this behavior to Meta and stop any future payments because Meta had disabled all of her accounts.
“This is so unfair to entrepreneurs and seems criminal,” Lalani told Ars.
What happened to Lalani has apparently happened to dozens of individuals and small business owners complaining on the subreddit, r/facebookdisabledme. A hacker gains access to a Meta account, then adds their account to the business owner’s ad account before removing the original account owner. At that point, the hacker took full control of the ad account. Then, the hacker moves quickly to get the original user off Meta before he realizes the ad account has been hijacked. To do so, the hacker posts inappropriate content such as pornography, which quickly prompts the Meta content moderators to disable the original account. Once an account was disabled, small business owners told Ars they were “in an impossible position,” just like Lalani was. Many entrepreneurs told Ars that any attempt to appeal Meta’s decisions is repeatedly rejected.
“Complaints to Facebook have largely gone on deaf ears,” Darel Parker, who works in network engineering and systems management and also lost access to his corporate accounts, told Ars.
Parker is filing complaints on the subreddit. She also launched a website to track developments with Meta-disabled accounts due to being hacked. Last week, she said she lost access to several Instagram and Facebook accounts, as well as two dozen other business accounts that he manages as part of his business. She said that in addition to some users struggling to get refunds after hackers hijack their advertising accounts, entrepreneurs suffer emotional distress, loss of reputation and subsequent loss of income.
When Parker’s accounts were disabled, he reached out to Facebook by email, through its support portal, and tagged Facebook and Meta on Twitter, but like many others on the subreddit, he received no response. So, she tried to go over Meta’s head by contacting officials, including the FBI’s Internet Crime Complaint Center and the California Attorney General.
Other Redditors have posted success stories by contacting the Attorney General and pasting letters they received in response. In those cases, the attorney general told Facebook users, “We’ll write to the company you have a complaint against and ask them for a response regarding your concerns.” But even those successful Redditors report that going this route typically takes a month before accounts are restored. One Redditor suggested that contacting the Attorney General only helped half the time.
A Meta spokesperson told Ars that the best way to inform Meta of issues with hacked accounts is via facebook.com/hacked and instagram.com/hacked.
“We have invested significant resources into detecting and preventing these types of scams and helping anyone affected regain access to their accounts,” a Meta spokesperson told Ars. “While many of the improvements we’ve made are hard to see, because they stopped people from having problems in the first place, we know that scammers are always trying to get around our security measures. We know it can be frustrating to suffer any kind of business disruption, especially at such a critical time of the year. We regularly improve our methods of combating these scams and have built teams dedicated to improving the support we can offer to people and businesses.”