Recently, a Beijing company called INX had its Facebook advertising account stolen for nearly $5 million in advertising fees, shocking the industry. The company has in-depth cooperation with Facebook officials and has been mentioned as an official case: https://reachtheworldonfacebook.com/success/inx-tech. Even so, Facebook officials are not prepared to compensate for the stolen fees.
After unsuccessful communication with Facebook, the company is preparing to hire a Hong Kong lawyer to sue Meta (Facebook’s parent company).
“At 8 a.m. on July 13, 2024, our staff responsible for delivery found in the routine observation of the delivery data of the advertising background after getting up in the morning that the Facebook advertising account actually generated a large amount of abnormal advertising consumption far exceeding the usual amount. After investigation, we found that an e-commerce advertisement for a nose hair remover was created in all advertising accounts and spent $4,770,288.17.” The head of the company’s marketing department said that their monthly promotion expenses on Meta are between $800,000 and $1.5 million. Due to this theft, their cooperation with Meta has cracked.
“After the incident, we immediately informed Meta’s direct customer manager Bonnie and the connected agent, and asked Bonnie to go through the internal review and identification process of fraudulent transactions.
At 1:47 pm on July 17, 2024, Bonnie informed us of the progress in the WeChat group that we connect with on a daily basis: the fact of fraudulent transactions has been confirmed, but the amount of fraudulent transactions needs to be verified again.”
They thought that the matter could be properly resolved quickly and the corresponding losses could be recovered in time. However, on September 10, Meta’s direct customer manager Boonie and her leader Forest informed by phone that after Meta’s internal investigation, it was found that the source of INX’s personal account was unknown, so the loss cost would need to be borne by itself.
“Why was it previously identified as fraudulent transactions but not now? Why do you think that the personal account we registered ourselves is identified as unknown?” Since Meta’s feedback was that “the specific details of the identification cannot be made public”, INX questioned this.
According to INX, they provided Meta with more relevant information that could prove that the Facebook account was registered by them, but Meta responded that it could not prove that the account was registered by them. “Many of our personal accounts were registered by frontline colleagues more than once through various means. Because the personal Facebook account and email address were stolen and cannot be logged in, we cannot provide more information for Meta to verify.” INX believes that Meta should bear all the responsibility. “This incident is obviously due to problems with Meta’s account security mechanism, which led to the theft of our Meta assets. It did not happen only to us. We learned that nearly 100 such thefts have occurred in the industry. Some Meta paid compensation, and some did not. We believe that there should be no difference in treatment. Since the compensation proves that it is indeed a problem with the Meta mechanism that caused this incident, it should be “Bonnie, a direct customer manager who is a full-time employee of Meta, told us at the beginning that it was indeed a fraudulent incident, so the fact that the account was stolen was established by Meta’s standards. We were also given the expectation that we would just wait for the refund process, but the subsequent incidents were reversed. Where is the business credit? In the end, the standard for non-compensation was that our account source violated the rules. We provided information within our capacity, but Meta did not admit it. When asked about the evidence of our account violation, Meta could not provide it. It is unreasonable to refuse compensation without any basis, and they should be responsible.” The incidents of Facebook advertising accounts being stolen do happen constantly, and have been mentioned a lot in my forum. The essence is that the Facebook account of the administrator who manages Facebook adsmanager is controlled by others, resulting in losses. Regarding the security of Facebook accounts, I have published articles many times to warn, but there are always people who don’t take it seriously and think that this will not happen to them. Little do they know that the higher the road, the higher the devil. You don’t know when and where you will be targeted by hackers. He didn’t take action just because the timing was not right.