People with hacked Facebook accounts are buying Oculus VR headsets to force Facebook to help them

Originally published at: People with hacked Facebook accounts are buying Oculus VR headsets to force Facebook to help them | Boing Boing


This makes sense. A person who buys an oculus is a customer. A person who only uses facebook is livestock.


Yep, if you’re not paying for something on the Internet, you’re not a consumer, you’re the product being sold.


I’ve never understood how “my Facebook account has been hacked” actually happens. Are bad actors getting into the FB systems? Or are naive users just using easily-guessed or old passwords, or failing to use two-factor authentication? I don’t get it.

My mother got hacked by someone posing as a friend. The “friend” offered to upload some old photos of my mother’s parents to her account if she would send her password, which she did. Then the account got locked and the hacker started sending spam through messenger.


Right. Then the hacker can use her account to pretend to be her and ask her friends for their passwords. Rinse and repeat.


Exactly that.


But since the price of an Oculus Quest 2 is so heavily subsidized by Facebook, even in this case you’re pretty much still livestock.


XKCD did a cartoon about how to get passwords -


It is for this reason I bought a WMR headset for VR instead of an Oculus.

WMR headsets are made by third parties and the software stack is MSFT who has 0 interest in being hauled into antitrust court again. The stove is hot: don’t touch it.

I have 0 faith that Facebook will respect your privacy or not force you into some licensing nonsense with your headset.


Dude, Open the box and use beat saber. The quest is awesome.

(If you are already a facebook user and plan to continue otherwise get something else)

1 Like


Way to hack your hack!

1 Like

Just standard phishing and social engineering for the most part. FB users who get hacked aren’t technologically sophisticated to being with.

A couple of months ago the account belonging to the wife of an acquaintance got hijacked by scumbags who then started using it to run a “cancer fundraising” scam using her name and image. Facebook was, as expected, useless about resolving the problem, and all I could suggest beyond the links to their fraud forms was to send a lawyer’s letter to FB and file a police report (to avoid issues arising from the scam). I just sent her a link to this article as well.


Someone once created a Facebook account with one of my GMail accounts as the email address. I don’t know how he managed to validate the Facebook account without responding to the email sent to my account, but that’s Facebook’s problem.

I don’t know if they were being clever but the Facebook profile language was set to Arabic, and GMail automatically puts emails in languages that it thinks that you don’t know into the spam folder. Too bad I check my spam folder now and then.


First I took down the Facebook block at the router, went to Facebook and did “I forgot my password”, responded to the email and had the new password. Logged in, fumbled around until I reset the language to English, changed the profile name to “I am an idiot!”, changed the profile picture likewise, hit the 5 day self-destruct countdown on my way out the door, and blocked Facebook again.


Hopefully you put in the Arabic translation of I’m an idiot.

Gotta cater to the audience… :grin:


Interesting; for established accounts, it’s a 30 day countdown.

(I’ve been deleting sock puppets off it recently, which is a pain. Their UX is like the rest of their site, a complete horror show.)


I have a similar issue where someone used a variant of my Gmail address (as you may know incoming emails at Google can come from googlemail and gmail domains and ‘.’ characters are optional). Somehow they managed to set up two-factor so I wasn’t able to log in and remove my email.

It’s not malicious in my case (I messaged the guy), but the user has no idea what they are doing… And he still thinks my email is his email address so I get all sorts of personal and professional correspondence filing into a junk folder.

Anyway back to the point. Facebook responded that they can’t/won’t do anything about it as my outgoing ID is @gmail so therefore @googlemail isn’t me. :man_facepalming:

It’s a shame the guy isn’t at least interesting to snoop on. He does like edible arrangements a lot though…


Given that Oculus was started by a fascist and now owned by Facebook, which requires you to have an account to use the hardware so they can track you, it’s always been pretty toxic. I just saw a recent post by one of the Facebook VR leads talking about how they were working on strategies for serving ads in VR…


Isn’t it possible that this is not an unintended consequence on the part of Facebook?

1 Like