You’ve read of 3 free articles this month.

back-arrowCreated with Sketch.

Hacked!

How I met my identity thief

Early on the morning of April 2, 2015, I received a text message from a number with the country code +91:

Hi sir…

I just figured it was SMS spam, and I ignored it. Eight hours later, I got another message from the same number:

U know.. Who I am??? ðŸ˜ƒ

Annoyed at the insistence of the triple question marks and confused by the familiarity that smiley emoji implied, I wrote back a simple “No.” Within seconds, I got this:

Im hacker of your fb account… ðŸ˜œ

Six weeks earlier, my Facebook account had been hacked. I spent several hours in a tug of war for control of the account, and once I finally locked it down, I could see that the hacker was based in India (country code +91).

I thought it was over, but here my hacker was, texting me. Was this a second-wave attack? Did he have demands?

Why?” I asked.

Sorry for that trouble… I am just try to hack one verified account… ðŸ˜Š

Yep, I have a verified account on Facebook. According to Facebook:

“Some Pages and profiles are verified by Facebook to let people know that they’re authentic. You’ll see a blue badge next to a verified Page or profile’s name. These Pages and profiles may include: Celebrities and public figures, Global brands and businesses, Media.”

Do your Facebook friends have blue badges next to their names? If not, they may not be authentic friends.

Like a hostage negotiator in a movie, I decided to keep my hacker talking. For days we texted back and forth.

Have you successfully hacked anyone else?

Yes I hacked Eduardo Saverin but soon he recover his account

Eduardo Saverin is worth more than $5 billion and is one of the founders of Facebook. If a billionaire Facebook founder can allegedly have his Facebook account hacked, that made me feel better. I decided to up my own emoji game:

What do you do for work, when you’re not hacking verified FB accounts ðŸ˜œ

Two can use a winky smiley face, sir.

I am try to become an internet entrepreneur… Then I want become a famous person(like U)… And When my account has been verified then I will stop this hacking things… Thats it.. ðŸ˜œ

He has a degree in engineering (he shared this too) and will stop hacking when his account has been verified? He wasn’t hacking for money, but authenticity? I wanted to know more. Had he learned anything interesting from trying to hack accounts?

Actually am learn basic web designing. And mysql database.. and already I have criminal mind… 😜 First time I hack my ex-girlfriend gmail account… Then I like this crazy successful feeling…. And I help to hack my friends girlfriend accounts…

Then I like this crazy successful feeling?

What did you do after you hacked into your ex-girlfriend’s account? Was she upset with you?

Actually I want why break up with me??

Did you find out why she broke up with you? Was it because you didn’t trust her?

No sir.. She already have affair with someone…

But maybe she had an affair because he didn’t trust her. Just sayin’. I returned to the hacking.

So how did you hack the Harvard mail system?

On the day it happened, I figured out he got in by taking over my Harvard alumni email and then requesting that a new password from Facebook be sent there.

Itz very simple sir… Im hacked your account in 2 min… Im learned ur boi from internet… and create gmail account like yours then I fill the submit form with my email and Harvard send mail the Password change link.. That it…

He was typing fast. “boi” should have been “bio.” And Harvard should have been harder to infiltrate given how much money they have and how they’re supposed to be the best at all the things.

And what did you do once inside my FB?

Doing Nothing

So you just wanted to see that you could get in?

I just wanna see difference between verified and normal accounts… No one ready to give the Password… Thats why I will take it… ðŸ˜œ

He must believe that if you add an emoji after a terrible statement, it magically makes that statement less terrible, the same way people use “I’m not racist but” to precede something racist. I wonder if Christopher Columbus thought that way. “No one ready to give the New World … Thats why I will take it … ðŸ˜œ”

After days of text messaging, I felt like I was starting to understand my hacker. He was no longer a nameless, faceless overseas violator of my property rights. Still, the why of it all left me unsatisfied.

So if you were verified tomorrow would you stop hacking verified accounts?

May be yes…

Why is it important for you to be verified?

If you are a normal person, you talk about something to others No one intrest to learn your speech. But if you are famous person, doesn’t matter what r u taking… peoples like u very much…. ðŸ˜Š

Smoother translation: “If you’re not famous, no one cares what you have to say, but if you’re famous, it doesn’t matter what you’re talking about, people pay attention and like you.” I could not argue with his analysis of our culture.

My hacker and I continued to text each other. He asked me if I’d visited India before (I had) and how my father died (he was shot) and what my company does to make money (great question!). I found out he’s learning the PHP programming language, is 23 years old, and speaks Tamil. He’s still looking for a job, and yes, he asked if I would hire him.

Most important, I discovered things we have in common. We both have one sister. We both think chick­en biryani is the best Indian food. Now we’re friends. On Facebook. ðŸ‘ðŸ˜œ