From time to time I like to test the current state of customer support at Facebook, Instagram, Google, etc. to see if anything has changed from a security standpoint. Recently, I’ve deliberately handed over a page to my friend, removed myself, then reported it hacked to see if Facebook would comply. I did this to simulate a transaction, where the seller adds the buyer and then removes himself from the page. The page had less than 100 likes, so I didn’t even expect a response. These days, everyone claims that Facebook support is very unresponsive, so I believed that my submission would be omitted. However, I did receive a response, and it was quite surprising.

1112.JPG1686×351 48.5 KB

While this may be a standard, run of the mill response, it’s still on point and addressed all the issues in my report. Since I wasn’t indeed compromised, they did not and will not invervene, because:

If you were removed as a Page admin, you can try reaching out to the current Page admins directly about this issue. Facebook can’t provide any help with Page disputes like this. We’re sorry for any inconvenience this might cause you.

I find this quite surprising that they still don’t act on such reports. Unlike Instagram, where a sizable portion of hack reports get successfully resolved, Facebook doesn’t care that you’ve lost your page, and they will not act on any report unless they have proof on their end that your account was somehow accessed by someone else.

My conclusion is, Facebook fanpages are still one of the safest social properties you can purchase. In my seven years of doing this, we’ve only had 2-3 instances where a page was actually taken back, and till this day, we’re not sure how it happened. I am comparing those 2-3 instances to thousands of successful transactions, so the amount of risk is just a fraction of 1%. Now, this doesn’t mean they’re completely risk-free. Zero reach and page deletions are common, but like on any social platform, you have no warranty that your account will stay live. Since no one truly owns these properties (except the social giants), access may be taken away from you at any time, and for any given reason.

Also, Facebook replied in less than 48 hours.

Hello,

I also tried and experienced couple times.

The thing is that you should also make it look like as you were hacked.

Some of the things FB will check on the account that reported a page as hacked:

Was the password changed within a week!
Was the admin removed within the week when password was changed!
Was the password changed from a known device that often uses to login to that account!
Was the admin removed from a known device!

These are just a couple of the things that FB checks out, so of course if you just made your friend an admin and removed yourself by not changing your password, by using your mobile phone which is almost all the time logged in your facebook account, FB won’t get you your page back.

Putting this on public is quite a risk tho’, scammers would get some valuable info, since most of them are stupid af.

Cheers

Scammers will be scammers, and they will take the path of least resistance (most of them). Only a few will ever go to great lengths. Most of the things you’ve described are correct and possible. However, Facebook security is truly exceptional lately. In order to move a page out, you still have to log in and approve the unknown device, thus proving it was you. You would really need to take it very far and have established accounts on OTHER approved devices you control.

I am honestly impressed with how FB ramped up security. They even went as far and added the 7day admin removal rule. We really need to appreciate that, as it’s very difficult to obtain a fanpage via the old methods. These days, when a page is hacked it’s usually the admins fault (social engineering) or a Facebook moderator who actually didn’t follow protocol and gave a page back based on some made up report.