Facebook lured charities to its platform, then abandoned them once they got hacked

Facebook's walled garden/roach motel strategy made it progressively harder and harder for charities to reach supporters on the web, driving them within Facebook's confines, where they devoted thousands of hours to making their Facebook presence attractive and pleasing to Facebook's algorithm.

Facebook rewarded them with a "Donate" button that could be used to raise funds directly within Facebook — which increased donations and also provided one more way for Facebook to lock in its users and surveil their actions.

But as charities started to fall prey to hackers who used phishing and social engineering to repeatedly take over the charities' accounts and steal the donations destined for them, Facebook was AWOL, refusing to answer increasingly desperate pleas from charities who sometimes found themselves blackmailed by hackers who threatened to delete the charities' pages altogether unless they diverted their donations to the hackers by way of ransom.

Some charities got shut down by Facebook, when the hackers who took over the accounts did shady things that triggered Facebook's fraud-detection. Again, nobody was home at Facebook to help these charities get their accounts back.

Wired traces the story of two charities that finally got their accounts secured and undid the damage that the hackers had done — but only by raising such a stink that a Facebook Vice President got the company's PR department to sort them out.

Remember this the next time someone calls for Facebook to stop harassment or hate speech: this is a company that doesn't pick up the phone when a hacker steals thousands of dollars from a charity. Once we ask it to start algorithms to decide what is and isn't acceptable speech, they'll make billions of mistakes, blocking everything from messages of condolences after a tragic death to urgent political messages on the eve of elections, and it will take months or years to get those decisions reviewed, and in many cases, you'll never get justice.

After WIRED reached out to Facebook in early October, an employee from the social network's communications department also contacted Alana to ensure that her account was secure, according to emails. But Alana's problems weren't over. Numerous fake Facebook accounts soon began appearing that impersonated people who worked for the shelter, or their friends and family. The harassment was exhausting, and it didn't stop until Alana transferred $1,500 to the hacker via an anonymous PayPal account—the same amount the fake GoFundMe had raised before it was shut down and the money returned to donors. Since then, Alana says, she and the shelter's Facebook page have been left alone.

But Alana is still bewildered by how difficult it was to reach a real person at the company. "Facebook needs to have some kind of customer service department," she says. "PayPal has one, Amazon has one, eBay has one. There is zero reason for them to not have one."

Facebook says it provides plenty of support.

Facebook Exposes Nonprofits to Donors—and Hackers [Louise Matsakis/Wired]

(Image: Howard Lake, Alessio Jacona, CC-BY-SA)