Hackers are using fake Oculus Meta accounts to get Facebook users suspended — everything you need to know

News
By published

Your Facebook account could be suspended, even if you’ve done nothing wrong

A hacker typing quickly on a keyboard
(Image credit: Shutterstock)

Having your Facebook hacked can be a real headache due to just how hard it can be to recover your account. But now, users of the social media platform are having their accounts suspended even when they’ve done nothing wrong and have the right security safeguards like two-factor authentication (2FA) in place.

As reported by Cybernews, Vietnamese hackers have begun creating fake Oculus Meta accounts which they then link to real Facebook profiles. However, doing so is registered as unauthorized access — likely since the email addresses don’t match — which then leads to a victim’s Facebook account being suspended. 

Here’s what you need to know about this new campaign and why it’s particularly hard to defend against.

Even 2FA can’t help you

The reason social media sites and security writers like myself encourage you to enable two-factor authentication in the first place is to help protect you from account takeover attempts. This is because once 2FA is enabled, a hacker would need access to your email or phone in order to login to your accounts.

Surprisingly in this case, though, 2FA fails to protect Facebook users from unauthorized account linking. Normally, you would need to verify that you are really you before you could link one account to another.

While a Facebook account used to be required to use the Meta Quest 2, this was scrapped back in 2022. Instead, Facebook’s parent company created brand new Meta Accounts so that users of its VR headset wouldn’t be required to sign up for its social media platforms.

If 2FA not working wasn’t bad enough, Astin-Gregory also points out that both Facebook and Meta’s help centers have been slow to respond when it comes to users having their Facebook suspended due to unauthorized account linking. 

Outlook: Meta needs to take action

Facebook app on phone

(Image credit: Shutterstock)

Although this issue is plaguing a small number of Facebook users, it still needs to be addressed as the hackers behind this campaign are abusing Meta’s platform to cause chaos or quite possibly for their own gain.

As for protecting your own Facebook account, it seems there isn’t much you can do since even enabling 2FA won’t keep your account safe. That said, the best antivirus software can keep you safe from malware and other cyberthreats that could occur as a result of having a fake Oculus Meta account linked to your Facebook. For instance, the hackers may try to send you malicious documents in a phishing email about unlinking your Facebook from one of these fake accounts.

While there have been plenty of Reddit posts about this issue, now that the news is officially out, let’s hope that Meta takes action soon, especially since doing so will lead to far less support tickets on the company’s end.

More from Tom's Guide

Anthony Spadafora
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.