My Facebook Account Got Hacked; Here’s How I Recovered It

My Facebook Account Got Hacked; Here’s How I Recovered It

I’m not sure how to start this except to repeat, “I got my Facebook account hacked.”

I poured through tons of documentation, Quora and Reddit forums, as well as other blog posts trying to find some solution to getting it back after trying to deal with Meta’s awful recovery account recovery system. I just kept getting the “death loop” — more on that later.

So I decided to write this once I got my account back. Maybe this one blog post can save you days of frustration and disappointment.

The quickest way to figure out if what happened to me is happening to you is by skipping down to “What Happened”

Alternatively, if you’d rather listen to my story — I covered it on my podcast.

Agency Growth Podcast | My Facebook Was Hacked and Hacker Spent $30,000 in Ads | Episode 071

Table of Contents

  1. Intro & Context
  2. What Happened
  3. Learning I Was Hacked
    • Account Recovery “Deathloop”
    • Hacker Stole $30,000
    • What the Hacker Wanted
  4. Immediate Steps I Took
    • Reported Facebook Account as Compromised
    • Canceled All Debit & Credit Cards
    • Signed up for Aura
    • Changed All Passwords to Everything
    • Ensured 2FA & MFA Was Being Used Everywhere with Authenticator App
    • Reached Out to Hacked.com
  5. How I Got My Facebook Account Back
    • Scheduled Call with Hacked.com
    • Contacted the California Attorney General
    • Other Things I Tired
    • 5.5 Weeks Later
  6. After I Recovered My Facebook Account
    • Securing My Account with Hacked.com
    • Becoming Facebook Verified
    • Random Problems & Bugs with My Account
      • Session Expired
      • Account Restricted
    • The Hacker Kept Trying to Access
    • Suspended Business Manager & Ad Accounts
    • The Solutions
  7. Back to Normal

(For Context) My Facebook Account is Important

You probably find yours important too — but I figured some context would be good as I use my Facebook account for more purposes than the average user.

I run a lawn care and landscaping digital marketing agency (as in we do digital marketing primarily for landscaping and lawn care companies). A lot of which run Facebook ads.

It’s strictly against Meta policy to have more than one Facebook account. Even if your account has been compromised, you’re forbidden from creating a new one, or else that one might get banned.

Of course, everyone does this and your risk of getting caught is low, but as a legitimate business owner, I can’t take that chance.

On top of that, my Facebook account is an Admin for quite a bit of ad accounts, both internal and client-owned. There were implications to the security of my account I hadn’t taken into consideration prior to this happening to me.

Simply logging into the Facebook Business Manager under my personal account would give anyone access to those ad accounts — all of which have payment methods on file.

Now that we’ve established some context, let’s get into what happened and how I got it back.

What Happened

On July 15th, 2023 (a day before my dad’s birthday), my fiancée and dad were hanging out at my sister and brother-in-law’s house. As I was scrolling through Facebook, I was logged out of my app.

When I tried to log back in using my email and password, it said that the user was not recognized on Facebook. Additionally, when I tried other emails associated with my account as well as logging in with my phone number, I kept getting the same messages.

At this point, it hasn’t registered with me that my Meta account was hacked yet. I figured this was a bug or a glitch and only affecting my profile. I tried looking to see if there were any issues on Downdetector.

But nothing.

Not being able to use my Facebook account is a bigger deal than it might seem. If you’re reading this, I’m assuming it’s a big deal to you too.

As you can tell, this pretty much ruined my night. I figured I’d try again the next day.

(By the way, don’t tell Twitter you got your Facebook account hacked… you’ll get spammed.)

Yes… those are all spam comments, retweets, and likes (no one follows me on Twitter…X?)

Learning I Was Hacked

The morning after (now my dad’s birthday), I received a message from one of my clients:

“We just had some spam ads placed from our Meta account. We disputed the charges with the Amex. When I looked at the account, the three of us are the only people with access to the ad account. Please change your password in Meta to hopefully stop this activity. Thanks.”

This was at 9:11 am.

At 9:12 am, two things happened:

  1. I officially learned that this was not a glitch and that my account was hacked.
  2. I responded immediately.

“My accounts been hacked. Please remove me ASAP.”

Now it was game time to figure out how to get my account back.

Facebook Account Recovery “Deathloop”

A little-known fact is there are three ways to sign in:

  1. Using your email (not recognized)
  2. Using your phone number (not recognized)
  3. Using your account name (hadn’t tried this yet)

You can find your account name by going to your profile (have a friend go to it) and see what the handle is (it’s in the URL).

The first step is going to facebook.com as if you’re going to login.

Then click “Forgot password?”

Next, when it asks you for your email or phone number, enter your Facebook username instead.

Follow the steps and soon enough it will show you the associated emails and / or phone numbers that you can use to have a login code sent to.

What was my problem, though?

All of the emails and phone numbers it was showing me weren’t mine… they were the hackers.

Yeah, none of those are mine.

From here, I got sent into what is referred to as, “the account recovery deathloop”.

None of those will work so you click on “No longer have access to these?” and it shows you the same info…

You’re probably here because you’re either just curious about my story or you’re at the exact same spot. The worst part is that there is no public Facebook support line. All support forms require you to be logged in.

If you’re here, I’m sorry. However, there’s hope and I’m writing this for you.

Hackers Spent $30,000 on My Ad Accounts

This was the worst part.

The worst part wasn’t being able to engage with my family or podcast community on Facebook. The worst part was that in literally 12 hours after being hacked, $15,000 was spent across multiple ad accounts.

Remember when I woke up to that client message? By noon, 4 hours after I learned I was hacked, $15,000 was spent.

I immediately took action at 9:12am and contacted all of my clients to whom I had access to their ad accounts. It still wasn’t fast enough to prevent this.

I wasn’t able to get ahold of all of my clients that same day.

By Monday evening, the grand total spent was $30,000.

It was at this point, all of my clients had responded to me and taken action to remove my profile’s access.

What Were the Hackers Doing?

This is just because I know you’re curious.

The hackers were running spam ads on my clients’ ad accounts to a …foot massager?

Turns out, the site that the link went to was a scam site. I’m not sure if it stole credit card information or just didn’t deliver the product.

So their end game was to use an account that was associated with ad accounts and their payment methods, then run free ads to a scam site to further steal people’s money.

There’s a place in hell for these people.

Immediate Steps I Took After I Learned I Was Hacked

After learning my account was hacked (aside from contacting all of my clients), I did a series of things immediately after to protect myself and also take action to get it back.

This is everything I did in order of not only what I did, but what I recommend you do as well.

Reported My Compromised Account

Through all of my digging, I did find that Facebook has a link where you can report a compromised account. You need to know your username for this.

I’m not entirely sure what this does… no one reached out to me. But if I had to guess, it just flags the account internally to Facebook and Facebook likely restricts the access that account has to certain features (like viewing payment methods or other sensitive information.

Apparently, they don’t block the account from spending money on payment methods already present…

Canceled All Credit & Debit Cards

I’ve had my marketing agency’s ad accounts up for a while so I honestly had no idea what cards were still connected to my ad accounts. Additionally, if you’ve ever paid for anything directly through Facebook or sent money to anyone on Facebook, that card information is still associated to your account.

Not to mention if you have a Meta Quest. Is your card connected to your Quest account and is your Quest synced up with your Meta account like most people’s?

So step number one was to cancel all credit and debit cards.

DON’T throw away your old cards. Keep them until you get your account back. These will come in handy for recovery later on.

Signed Up for Aura

When I realized the financial implications of having an account like Facebook hacked, I realized I needed better online security management.

Even if it wasn’t an account like Facebook, an email getting hacked that’s connected to other accounts is also not ideal — imagine what accounts that email can be used as a means to access other accounts.

I was really looking for a VPN because I was never going to be logging into public wifi again without being secure. But I found a lot more with Aura that I didn’t realize was helpful like:

  • A password manager to not only manage my usernames and passwords to all my accounts, but also auto-generate random passwords for each one
  • Online data monitoring — in the Aura dashboard, you can monitor multiple emails, phone numbers, and other personal details (including documents like passports and social security numbers). Aura will let you know if any of that gets leaked on the internet
  • Bank account monitoring — Aura monitors my bank account transactions
  • VPN — what I was actually looking for
  • Data broker removal requests — Aura will also ask data brokers to remove your information if they find it in their possession
  • $1,000,000 in identity theft protection
  • And a ton more, honestly…

It was basically a complete online personal data security tool for $15/mo and it was well worth it.

Even after logging in for the first time and inputting my first emails to monitor, it immediately let me know that certain emails and passwords were involved in data leaks… that would have been helpful to know before this happened…

This wasn’t meant to be a promotional post. It’s literally what I did after I was hacked.

After signing up for Aura and getting my account back, I partnered up with them as an affiliate / partner. I realized this was a tool I wish I had earlier and everyone should have.

Even if it isn’t Aura — get some kind of data monitoring tool.

I’d even recommend getting set up with the 14 free trial just to see how much of your data Aura finds that has been compromised.

You can get up to 50% off individual plans with my link or 63% off on family plans.

Okay, moving on.

Changed All of My Passwords

I had already started changing passwords on other social accounts like LinkedIn, Instagram, and Twitter, but next became the exhaustive process of changing passwords for everything…

However, Aura made this process significantly faster… This isn’t even a plug — it’s legitimately what I did.

I used to use Passpack for my passwords but it had its flaws. I was on the free plan and that’s all it was, a desktop password manager with no mobile application or ease of access. I had almost 100 passwords in there.

I downloaded the password and user files and then simply uploaded them to Aura. Aura then went through and found all passwords that were either weak or reused. From there, I just went in and changed those ones.

I just had Aura randomly generate passwords for everything. No thinking involved.

Ensured 2FA & MFA via Authenticator App Was Used on All Platforms

The thing that frustrated me the most was that I had 2FA turned on for my Facebook account. It was the Facebook SMS text with a code. I did notice early on that Facebook’s texting system wasn’t great. I’d have to “resend” the code almost every time just to get it once.

The unfortunate part was that I had never gotten a text to my phone saying someone was trying to log in from another location or an unrecognized device.

I’m not a hacker so I don’t know the kind of strategies they use to prevent that SMS from firing. Friends and forums have told me that hackers can get ahold of your carrier and social engineer them to get them a SIM card with your number as well as just spoof your number so the SMS is redirected to their number (maybe it’s the same thing?).

Either way — lesson learned, 2FA SMS is trash and you should be using an Authenticator App when at all possible.

If you’re new to authenticator apps, they’re basically just an app on your phone that connects to the account you’re securing. The account you’re logging into (Facebook) will ask you for a 6-digit code in your authenticator app.

So you’ll have to open that app and get that code, but that code resets every 60 seconds.

Rather than an SMS text message code being able to be intercepted, the code lives on your device only in your phone. Facebook asks the authenticator app if it’s the correct code when you put it in and the authenticator app acknowledges it, allowing you to access your account from a new device.

Some authenticator apps I recommend:

Bonus points if you use biometrics on your phone to unlock your app.

Security Keys

One more option for 2-factor or multi-factor authentication…

Some platforms allow you to use a security key rather than an authenticator app or other form of 2-factor authentication.

Security keys work almost the same as authenticator apps but instead of being able to simply log in to your app via password or biometrics, you have to have a physical device either connected via Bluetooth or plugged into your device to access the authenticator app or platform. It’s a literal key to your account.

This is the next step above the app for added security. You can get them on Amazon.

Reached Out to Hacked

If you do only one thing in this entire post, do this one.

This was the number one thing I did to get my account back. Everything before this was just to protect myself from further damage. None of it actually helped me get my account back.

After all of this happened on July 15th, not only did I spend every second researching options, so did my family.

My fiancée found an article from Verge (I think it was this one) that mentioned Hacked.com.

I’d been skeptical about reaching out to a company regarding getting a Facebook account back because of what I mentioned previously with the bot commenters and spammers.

They charge per call. I can’t remember what the initial consultation cost. I think it was between $50 – $70. I figured the worst that could happen was that I lost that money but nothing else.

Since I was already in the hole for $30,000, $70 didn’t seem so bad to gamble.

I reached out to Hacked.com and was paired up with Christian — the most calm and collected person I’ve probably ever talked to via Zoom. He kinda reminded me of Justin Long.

You can even read my review of them on Trust Pilot I left on August 25th, 2023. That’d probably paint an even clearer picture than I am painting right now.

I’m not gonna lie, the way they take payments seems sketchy. It’s via PayPal. Maybe they’ve updated it since I worked with them. However, they’re completely legitimate, just a small company that hasn’t quite invested in more well-known invoicing / payment software.

How I Got My Facebook Account Back

Ultimately, it was Hacked.com who really helped me get my account back. But I exhausted a few other options as well.

Got on a Call with Hacked.com

As mentioned before, step one is getting on a call with them. Go to their website here.

Step two is to be patient. This process can take weeks or even months. But they’ll tell you that on the call as well.

Christian at Hacked.com led me through a pretty extensive process to account recovery that went through all options (and trust me, there is a lot). He was familiar with the “death loop” and everything we tried was to circumvent that.

There was a strict process we followed. We never tried two things at once.

I’m not going to get into what we tried or details about the process because honestly, I don’t want to give away the secrets of their business that helped me get my business back on its feet. I value what they’re doing and want them to be successful.

Contacted the California Attorney General

I don’t have confirmation on this, but I think this was the nail in the coffin that sealed the deal.

One of the steps we took was to contact the California Attorney General (because that’s where Meta is located… oddly enough… on 1 Hacker Way….).

Hacked.com instructed me on how to reach out to the California AG as well as what to say in order to get a response.

The advice worked…

I submitted my complaint on August 1st and the letter I received in the mail a week later from the AG was dated for the following day.

You can read the whole letter I got from Rob Bonita below.

I don’t think I could have made as compelling of a case without Christian coaching me.

Other Things I Tried…

In my line of work, I do a lot with Facebook ads and with that, I get Meta Parter Pros reaching out to me via my work email (and sometimes my personal email) about ad accounts they’ve been assigned to.

They’re basically glorified sales reps to get you to spend more money. Google does this too and I usually ignore both of them.

But one Partner Pro reached out to my work email and instead of ignoring her, I simply said:

“I had my account hacked and can’t get back in.

I’d love to help you, but I can’t.

This actually got a positive response from her and the first Meta Marketing Pro that has actually tried to help. She even called me and we talked on the phone about the issue.

She said she was going to put an internal ticket in with her team to help get this resolved as one of the accounts she was assigned to was one that had $15,000 spent on it fraudulently.

Crystal was really helpful for about a week and a half. After the internal ticket was logged, it was outsourced to a help center in India and they honestly had no idea what was going on.

They ended up flagging me as “unresponsive” when they said they’d send me an email (to an email that I gave them) asking me to show them what I saw when trying to log in — but they never sent that email.

It got my hopes up but ultimately I hit a dead end.

5.5 Weeks Later

On August 23rd, I noticed I had gotten two emails right in a row that I hadn’t gotten in a few weeks:

  1. An email saying that my ad was approved and scheduled (weird)
  2. An email saying that someone tried logging into my account (hadn’t received this since the first week of this)

The first email was for a client of mine who was running their own ads and my email was still associated with the account. I checked the ad and everything looked legitimate. The other weird thing was that the hacker had removed my email from the account… so how was I receiving this email?

The second email I had received before… but It had been a long while. The contents of the email when opened and read stated that the next time I log in, I needed to verify some details and change my password.

If this was one week into this process, I would have just deleted the email because it would have sent me to the hacker’s recovery options. But I thought I’d give this email a try just to see what happens…

I clicked the button, “Secure Account” and I was immediately directed to a page that asked me how I would like to receive a secure code for authentication.

I couldn’t believe it… it showed me all of my old emails and phone numbers associated to the account. It was like the hack never happened and Facebook just reset everything to pre-July 15th.

One thing it had me verify was a saved payment method…

This kinda sucked because I cut up and threw away all my old cards.

Fortunately, I had my credit card number cooked in my browser and my browser was able to pull in the CC information which worked!

Earlier I said to not throw away your old cards — this is why.

After I went through the recovery steps… I was in! I was staring at my feed!

…along with 97 messages and 99+ notifications…

After I Recovered My Facebook Account

Post-recovery was littered with learning moments as well. I knew that just because I was back in didn’t mean was going to immediately go back to normal.

Securing My Account with Hacked

Once I was back in, I messaged Christian at Hacked.com and we jumped on another 20-minute phone call. He walked me through securing my Facebook account. Updating settings I didn’t even know existed.

We actually spent the majority of the time going through connected apps and disabling them. Remember 2010? The Farmville and “What Disney villain are you?” era? Yeah, all of those are connected apps that technically have your Facebook login.

You have to go through all of those and disconnect them.

Becoming Facebook Verified

This was something I didn’t want to do.

It’s $12/mo and you get that blue checkmark next to your name.

I’ve always hated people who do this because I figured it was just a way for people to feel more important than they are and to essentially “buy” clout.

However, it comes with added security to your profile and a direct helpline for issues with your account or Facebook in general (more on that in a little bit).

I paid the $12 and verified my account. I verified with my government ID and even a letter in the mail to my home address to verify my actual location.

By the way, here are the steps to get Meta Verified.

I’ll still make fun of people for getting it for the clout purpose (although no one will admit it), but if security is your reason… then I’m with you.

Although… it does look kinda neat…

Random Problems and Bugs with My Account

After 5.5 weeks of a hacker using my account for hacker purposes and after I told Facebook that my account was compromised, literally everything I did was “suspicious activity”.

Session Expired

I kept getting emails saying that there was suspicious activity and that I needed to say “This was me” or verify some sort of information. It happened at least 3 times per day. And every time that it did happen, it would log me out everywhere and I would get a “Session Expired” notification.

The process was even more annoying because I didn’t know my password. I used randomly generated ones from Aura’s password manager.

It also made me change my password a lot. Saying that there was suspicious activity and that I needed to update my password.

Aura made it super easy but having to go in and have it randomly generate a new password every time was a pain. Not on Aura’s part — just the Facebook process in general.

Account Restricted

I noticed another weird thing. My profile kept saying that it was “restricted”.

Nothing seemed to be “restricted” and I didn’t notice anything that I wasn’t able to do normally. This banner was just annoying me and also a little concerning.

The Hacker Kept Trying to Access

The most annoying part was that the hacker kept trying to access my account not realizing I had reclaimed it.

They weren’t ever able to get back in and any time that I got an email like this, I would do what Facebook was asking and reverify that this wasn’t me.

The hacker ultimately gave up after this last attempt in early September.

Suspended Business Manager and Ad Accounts

The biggest post-hack issue I was dealing with was having my Business Manager suspended and all of the associated ad accounts.

I’m sorry I don’t have a picture for this but basically, when I went to business.facebook.com, my Evergrow Marketing (my company) Business Manager was restricted because all of the ad accounts were restricted for suspicious payment activity.

I actually assume the suspicious payment activity was due to me canceling all of my cards and the hacker still trying to spend money on them.

That mixed with my flagging my profile as “compromised”.

I reached out to Facebook Business Support using the Facebook Business Support form (I don’t actually know how to get to this form… A friend sent it to me and I’ve just saved it).

It’s a crapshoot whether you actually get someone that helps you. I did get someone to open a ticket for me but it went literally nowhere.

I got my account back… but my business was still technically dead in the water until I could figure out the Business Manager situation.

The Solutions

I remembered as a Meta Verified user, you get better access to Facebook support.

My plan was to submit a support ticket through there to look into my “Account Restricted” profile b manner as well as the Business Manager issue.

If you go to accountscenter.facebook.com, and then click on “Meta Verified”, there is a button called “Get Support”:

I went through here and submitted a “Problem” or “Error”, I can’t remember what it was called at the time. But I got connected with a rep who eventually asked if she could call me.

She did and I was able to explain the situation.

Long story short, my Business Manager and associated ad accounts were enabled along with that banner was removed from my profile within a matter of hours that same day.

Also, the banner on my profile was a bug. It wasn’t actually affecting anything. She said on Facebook’s side, the account is in “green health”.

Back to Normal

I’m pleased to say that everything has seemed to go back to normal. It’s October 16th at the time of writing this and I have experienced no problems with Facebook.

The last time the hacker tried to reaccess my account was on September 5th.

Oh, and in case you’re wondering… yes, all of the $30,000 was either recovered or forgiven. None of my clients or myself had to absorb that.

I know this was a lot to read, but if you read all of it, thank you for taking the time. I hope it was a quick read and if you were going through this and this either helped you or brought you comfort then this post did its job.

What Happens if You Use an Image Without Permission? Well, We Got Sued

What Happens if You Use an Image Without Permission? Well, We Got Sued

>> 5 minute read

The worst part about writing papers in high school was citing your sources. Even if they were obvious, like quoting JFK. I assume that’s the case in college. I’m not sure. I dropped out.

That probably explains why my business partner and I ran into this problem a few months ago with one of our clients.

Because we signed an NDA on this deal, I can’t actually show the image we used or discuss the contents of it or which company hired the law firm to shake us down.

So just take this for what it’s worth. 

Cody and I build and market websites for a living. I’ve been doing this since 2018. He’s been on board since 2019.

Since almost all of our clients are landscaping and lawn care businesses, a fair amount of them don’t have their own photography to use. We can’t have blank websites.

So we use stock photos, specifically purchased ones from 123rf.com.

The problem is that we’re industry professionals.

We’re not going to use images that were incorrectly labeled as an armyworm when it’s a webworm.

We’re also not going to use an image of a homeowner or model spreading seed with a plastic Scotts spreader when they use commercial spreaders like Lesco.

Long story short, I couldn’t find a decent image on 123rf.com, so I turned to the ol’ Google Images.

Fastforward five months and my client forwards me this:

Notice of Copyright Violation with Unauthorized Use of Copyrighted image

You’ve got to be kidding me.

I can’t be too mad. I made the decision to cut a corner and it bit me in the ass.

Of course, at this time, I wasn’t entirely sure what the public domain was. But I did know images were free game there. I think I was a bit confused on what is actually labeled as such.

Still am.

Anyways, there’s a lot of fancy words and phrasing in this letter that seem pretty threatening. Fortunately, our relationship with our client was (and still is) pretty good. We reassured him we would take care of this.

Removing the image wasn’t a big deal. “Sorry. We’ll take that down” wasn’t an acceptable answer for them. Their client wanted money.

After we told them we had removed the image they thanked our client and then told us that just because we removed the image doesn’t mean their client wants to drop this.

They told us $1,500 would prevent the client from seeking further legal action.

Convenient. Since $1,500 is small enough to not go to small claims court and large enough to be a burden.

Here’s where that put us

 

I used an image from Google and rolled the dice. Like an idiot.

However, we weren’t too worried. We were pretty confident nothing could really come of this since we removed the image within 3 hours of receiving notification.

And according to US Copyright law, Code § 512, we were protected from any financial liability due to our prompt removal.

US Copyright Law Section and Code 512 that Allows Removal of Unlicensed Work without Financial Liability

We sent this over to the law firm issuing this claim on behalf of their client (the owner of the image) and explained we were within our rights to remove the image and not be liable for any financial responsibilities.

We waited three days but didn’t hear anything back. And since this law firm was only giving us 2 weeks to respond, we assumed they just didn’t like what we had to say and weren’t going to accept that as a response.

The whole thing just seemed like a threat.

So that left us with two options.

The first option is what I wanted to do. To go tell this law firm’s client to go pound sand.

We’re clearly protected from financial liabilities since we removed the image within a timely manner. More than timely. Impressively responsive, in my opinion.

However, fighting back always brings retaliation. And the last thing we want is retaliation from a law firm for something we clearly made the first mistake on.

We even reached out to our lawyer and looped him in on everything. Since the financial compensation amount was relatively small (too small for small claims court to be worth it) we figured fighting it might be a losing battle.

Again, to us, the amount was relatively small. That’s not to say it wasn’t a lot. It was. And we didn’t want to dip into our business savings to pay for this.

Additionally, we know in court we could beat this because the law was clear. But was there something we were missing somewhere? A loophole?

I’m also not the kind of person to roll-over and accept a loss. Which is what this would have been if we just paid it.

We asked our lawyer for advice and he just said to do whatever helps us sleep at night.

Lawyer's Advice on Dealing with a Copyright Infringement Notice

If you read the above header and thought we got out without paying the full $1,500. You’re wrong.

We paid them. In full.

We did this for one reason. But really three reasons.

The main reason is because it helped us sleep at night.

But the three actual reasons are:

1) $1,500 is too small for taking something like this to small claims court. We’d be paying court and lawyer consultation fees that would equal more than this amount.

2) The people who hired this lawfirm sued a major education company in the past and won. That wasn’t a challenge we wanted to take on.

3) We accepted the responsibility of my mistake.

That last one is important.

I made a mistake. And I accepted the responsibility and the punishment. Of course, we’re still curious how this would have played out had we fought back.

Our client thought we were getting shafted.

I think the lesson I learned most here was to accept the responsibility of your mistakes. They really do help you sleep better at night.

And you can bet your ass our library of LINCENSED images has grown exponentially since this event!

We learned that being honest with our clients is the best policy. Even when we screwed up, our client was still on our side.

We learned to pick our battles. Not every battle is worth having, especially when the victory isn’t actually coming out the “victor”.

And most importantly, we learned to just not use ANY images we don’t have explicit rights to. We also learned to document that in our processes so our employees don’t make the same mistake.

I don’t have a specific blog post for this, so I’ll include this here in case you’re curious. This would have fit better earlier in this story, but I didn’t want to detract from the main reason you started reading this in the first place.

The first question we need to ask ourselves is what images can we use. Ultimately, it’s just whoever has given you consent to use their image. It’s NOT whatever you can find on Google.

Public domain images are free to use by anyone. They’re like Yankee Doodle. No one owns them and they’re free to be used by anyone for any reason.

Just because you can find an image in Google does NOT mean it’s public domain!

It’s when an image’s copyright has expired or was never registered in the first place.

Certain images also cannot be copyrighted, like well-known symbols.

However, artists who wish to have the public use their images as if they were public domain images usually waive their copyright protections voluntarily with a “No Rights Reserved” license (CC0).

I’m still fuzzy on what that really means.

But I do know that there are a few websites where artists voluntarily upload their work for use by nearly anyone for free. A couple of them are:

Well, there’s really tons of them. But 99 Designs has a list of 31 of these sites.

A fair warning, you’re probably not going to find anything good on these sites. Public domain and anything “free” usually follows the saying, “beggers can’t be choosers”.

Here’s your best bet.

If you find an image you like and you’re unsure if it’s a public domain image and it’s not listed on one of the sites linked to above… GET PERMISSION TO USE IT.

Make sure it’s written. Whether it’s an email or a hand-written letter. Get permission.

The easiest way to get permission is to just pay for the damn licensing. Most photo / image sites have some kind of purchase or subscription plan.

And let me tell you what, $2 – $5 per image is a lot cheaper than a $1,500 shakedown.

Multiply that by how many images you stole and you’ll be wishing you could have paid $10 per image.

A lot of the image sites that 99 Designs listed above also include images from artists that still retain the copyright to their images, but you can typically purchase them individually or with a subscription plan.

Of course, my favorite site right now is 123rf.com.

How Evergrow Was Created: An Uneventful Prelude

How Evergrow Was Created: An Uneventful Prelude

The more I read about successful entrepreneurs, the more I realize a common theme; a fair amount of them regret never having documented their time while starting their business.

They don’t have any video diaries of their first years or even any posts or notes. I don’t want to live regretting I didn’t do that.

However, I am writing this kind of late. I started conceptualizing Evergrow in 2017 and it’s…December 22nd, 2020 at the time of this writing.

Fortunately, I do have some documents as well as a 10 minute video diary I just watched from December 2018 reflecting on the past year and a half. So I’d say I’m pretty well refreshed on my own history.

This will be the start of my posts I’ll write about my yearly journey in creating a business from scratch.

No seed investors.

No parent’s money.

No “life savings”.

Just a computer and dream (that was corny).

This one will be boring. I just always feel like we need a backstory to why a decision was made. I feel like it can provide some great context for the story later.

 

The Precursor: January, 2017

Mudd Advertising

It was January 2017 and I was gearing up to move to Kansas City from my home town of Cedar Falls. I needed to find a job.

I had been working at a marketing agency for about two years and had started as a Client Services Representative. It was an entry-level job making $28,000 ($14/hr) per year.

It’s here where I found my passion for marketing. I took a class in college on it… right before I dropped out, but it was Mudd Advertising that gets the credit for it.

I busted my ass here.

I worked long hours just to be the best Client Services Rep. I had eventually climbed the ranks and in less than the two years I was there to the Account Executive position for the agriculture division.

It was a fancy title for, “I get to keep all of my Client Services tasks while also managing and selling smaller accounts in the agriculture industry”. But it had effectively raised my salary to almost $40,000 after comission.

To me, $40,000 was a good amount. I think that’s what my dad was making in the early 2000s in his mid-30s.

However, I knew I was too driven to stop at $40,000 and Mudd wasn’t going to move me any higher. I had learned what I needed to know in marketing to take to Kansas City with me and make some moves.

Mudd overworked and underpaid us. It was probably one of the worst jobs I had. But it was the job that put me where I’m at now.

The Move / Hammel Scale

With my marketing background, I was able to create a compelling marketing resume despite not having any formal education in the area.

I landed a job in Kansas City, Kansas as the Inside Sales & Marketing person at Hammel Scale, a small, industrial scale distributor.

It was a small company but they gave me creative freedom with marketing at first. Plus they started me at $47,500, which was a heathy increase . I didn’t feel like I was taking a step back.

But something never felt right while working at Hammel Scale. I wasn’t educating people on digital marketing like I was at Mudd. That’s what I wanted to do.  I wanted to educate and execute it.

 

The Catalyst: March, 2017

Around March of 2017, I was living at my new place in Prairie Village, Kansas with my then fiancée. The biggest issue with that place was the backyard was literally nothing but dirt and creeping charlies.

when it rained, our dogs would go out, get muddy, then we’d have to dry them off and wipe the mud off of their paws before they came in.

So I started looking for lawn care services to fix this problem. Maybe a full yard of grass will help.

As I was searching through Google, I noticed there were a lot…and I mean A LOT of lawn care businesses. And literally all of them except for maybe two had their Google My Business listing optimized let alone claimed.

Their websites were even worse… just God awful. It should have been a crime.

The Idea

I had never actually executed marketing for another business. I just knew about it. Sold it. Reported on it.

But how hard could it really be?

I knew there was an opportunity here. There was an opportunity to get these lawn care businesses to stand out over TrueGreen, BrightView, and the local Kansas City Metro gian, Ryan’s Lawn  & Tree.

I just didn’t have a team I could turn the lead over to execute the plan.

I started where the most obvious answer was.

Optimizing their Google My Business listing.

The original idea was really simple.

A one-time, $250 fee for me to claim it and optimize it for them.

Clearly I wasn’t an entrepreur at this point. The biggest flaw in this being that this is a business model for “extra income” and not “recurring income”. And that’s probably what it was intended as when I first started it.

So I got to work on figuring out how to claim and optimize a Google business listing.

Yeah, I still didn’t know how at this point.

Needing a Guinea pig: April, 2017

I didn’t want to start doing this by calling up a random lawn care or landscaping business. I wanted to be a bit more discrete about it and make sure I was doing it right.

So I started looking at who would allow me to do this for them for free.

Churches.

Churches will take anything for free.

I reached out to a couple local churches to see if they’d be willing to let me claim and verify their Google listing. I had to meet with a couple of them to explain the benefits and the process.

The process was literally just me saying,

“I honestly don’t know how this is going to go. I used to sell these services and my team handeled it. I’m starting my own business and want to learn how to do this on my own. That’s why I’m offering this to you for free.

This is where I was able to learn how to perform simple tasks and I could actually get my business off the ground.

But I waited still. I waited until I was a bit more comfortable.

Learning & Getting Certified: May, 2017

I wasn’t yet comfortable with the idea of taking people’s money to perform a task I wasn’t an expert in. I didn’t have any confidence in this yet.

So I decided to get Google Analytics and Google Ads certified. This was something I could have done at Mudd. But it didn’t come with a pay raise, so I never did.

These classes are free on Google. They’re also extremely valuable. Especially if you ever expect to call yourself a digital marketer.

Google Analytics Certification
Google Ads Certification

Taking these wasn’t fun. But I knew it was a step in the right direction.

Long story short, I got certified.

But in the meantime, I used my new marketing knowledge and kept applying it to my day job at Hammel Scale. This, of course, was because what I had with my business idea wasn’t really anything other than an idea at this point.

I was preparing.

 

That Tai Lopez Training Course

Look, we all make mistakes.

Some of us forget our anniversaries while others join MLMs, peddling products that are overpriced and poor quality. Messaging people from highschool they haven’t talked to in years with “Hey Girl!”

Mine was watching an entire Tai Lopez video ad on Facebook.

It was a video ad on starting your own 6-figure per month social media marketing agency.

It was a good-ass ad.

it was so good, I loaded my credit card up with a $1,200 charge to pay for this damn class.

Don’t make my mistake! Yes, I learned a couple things, but those things you can learn for free! The topics I learned about are below. So just take that advice and save yourself the money.

I thought it would have a lot of useful information in starting by own marketing agency.

I’m not going to lie. There were actually some good things in the video they covered. They talked about LLC vs S Corp, having confidence, and creating tiers.

It was when they started talking granularly about stuff that was just a bunch of horse shit.

Their SEO and Google Ads practices were way out of date and they were teaching things that would get you banned from search engines.

I never finished the course and received my “certification”.

At the end of the day, I’m happy I took the course, though. It did teach me some things about owning a digital marketing agency and getting set up. Beyond that. Nothing.

Niching Down

The BIGGEST takeaway from the shitty Tai Lopez course I took was a simple concept:

Find your niche.

In otherwords, if you’re going to be a marketer, don’t market for every type of business. There’s no value in a jack-of-all-trades.

But there is a ton of value in a specialist.

I thought back to my original business idea of the Google listings for small businesses. I thought niching down was going to be dumb. It was going to severely limit my target market.

But I did it anyways and I stuck with it.

After heavy consideration, I picked lawn care.

It Felt Like the Perfect Fit

There were three reasons why lawn care and landscaping niche felt like the perfect fit.

  1. The industry was very behind on digital marketing. The opportunity was definitely there.
  2. I’d always wanted to start a lawn care business with my dad. We’d talked about it for years, but never did.
  3. I was already familiar with the green industry from working with agriculture clients.

Everything just seemed to kind of fall in place. I felt at peace.

Deciding on a Business Name: June, 2017

At the end of the day, I was a digital marketer. Whether I had just learned how to perform simple digital marketing tasks or not, I knew what I was talking about when it came to digital marketing practices and theories.

Your business name is great, but the domain for the website is better. I knew that going into this and that’s how I decided on my name.

I didn’t want to have my first or last name in it. I wanted the option to sell the business with its own brand identity in the future if I ever decided to entertain that idea.

I also wanted to have some meaning that related to the green industry. Additionally, a simple .com had to be available. I wasn’t going to settle with a .org, .net, .biz, or whatever.

The problem was, almost all of my domains were taken.

blueprintmarketing.com
evergreenmarketing.com
redoakdigital.com
redoakmarketing.com
etc…

I went through so many of these, that I started helping other people find domains for their business when their first choices were taken in the years to come. So much so, I ended up writing a blog post about it on the Evergrow website.

My business partner even wrote a post on his site about 5 months later called, “What to Do When All of the Good Domain Names Are Taken”. I’m not saying he stole my idea… but I mean…

Anyways, it went through a bunch of iterations before I landed on evergrowmarketing.com. The domain wasn’t taken and no one else had registered that name.

I took it. And EverGrow Marketing was born.

Advice to Young Marketers Starting Their Own Agency

Advice to Young Marketers Starting Their Own Agency

>> 7 minute read

Recently, a friend from church asked me if I’d be willing to give someone he knew from chruch advice on starting his own marketing agency.

He was a young, fresh-out-of-college kid who was hungry to start his own marketing business. In other words, he had been brainwashed. And I had to undo everything he had learned whether it was from antiquated, college, marketing lectures or bullshit, get-rich-quick, marketing agency courses from online “digital gurus”.

After exchanging about three or four messages, I knew exactly what he thought about marketing, what he thought worked, and how soon he was going to fail if he kept on thinking the way he did.

He sounded like every other “digital marketing guru” in the world. The same polished turd that floods your Facebook and LinkedIn feeds with dumb, rhetorical questions that have obvious answers.

Yeah… those are the ones.

He seemed to blow off a lot of the answers I gave him. If he didn’t like what he heard, it seemed like he thought I was wrong.

Honestly, I don’t care. I have the successful marketing agency. He doesn’t.

So with that, here is my advice to those young marketers willing to listen… and probably be offended.

We’re kicking it off with this one.

The number one reason people fail at starting a marketing agency  (besides they simply don’t know how to run a business) is because they think what Tai Lopez teaches actually works.*

*Not an actual statistic…

It doesn’t.

Tai Lopez’s marketing agency course has about the same success rate as being successful in a multi-level marketing business (legal pyramid scheme).

It’s built on the idea that your potential clients are morons and you’ll be able to swindle a minimum of $5,000/mo out of anyone.

Your clients aren’t idiots. They’re business owners. And business owners are 200% smarter than nearly every marketer out there.

Before you make your judgements, yes, I took a Tai Lopez marketing course to see what they teach. It’s 10% good marketing practices, 20% outdated marketing practices, and 70% assuming your prospects are idiots.

The real idiot is the one thinking they’re getting value out of these courses.

And it’s not just Tai Lopez. It’s any of those social media, marketing influencers who have some proven method to success for your agency.

Take your pick. Billie Gene, Dan Lok, I’ll even throw Grant Cardone in there.

Those who cannot, teach.

I will say, one great thing Tai Lopez does teach, is niching down.

If you’re a marketer and you don’t specialize in a certain industry, then grab a shovel and start digging your own grave.

It’s 2020, there’s no way little Johnny-know-it-all who’s fresh out of college is going to be competing with multi-million dollar marketing agencies.

If you don’t focus on a niche, you’re not an expert in anything.

We’re the experts in landscaping and lawn care. Clients come to us because we’re a member of NALP, write for multiple landscaping publications, and are featured on landscaping podcasts. We know marketing and we know the industry.

You’ll never penetrate a market if you don’t focus on it.

Birdshot probably won’t kill a deer. But .30-06 will.

Be a .30-06.

This almost goes without saying. If you’re going to niche down, you need to understand your niche. Not just the market, but the trade.

If your niche is dentistry, you better know a lot about dental practices. Learn what services go hand-in-hand with each other, how often you can get a patient to come back to the office. Learn about how dental insurance works.

In other words, think as if you own a dental practice. You don’t have to be a dentist. Just understand the business and how it makes money the best.

Read books about running your own practice. There’s literally a book on everything. Here’s one on how to run a successful dental practice  (I Googled this after I typed this example).

My business focused on the landscaping industry. That lead me to read books like:

This allowed me to connect with my clients and become more credible in their eyes.

Knowing how to market their business is only half of the battle. You need to know how their business works.

It’s my belief marketers don’t know how to handle money. They may know how to allocate other people’s money. But if the amount isn’t dictated by an outside party, they’ll blow through it faster than a teenage girl at an outlet mall.

In turn, they don’t know how to properly run a business. So when you get turned down, it’s because your solution didn’t make practical business sense.

You have to realize marketing is certainly a positive investment for anyone. But YOU may not be. If the business didn’t buy into your marketing plan, it’s probably because:

  1. Your plan didn’t solve THEIR problems
  2. You didn’t quantify how you could help them in terms of their own profit numbers
  3. They just don’t trust you

If a business rejects your proposal, it’s not because they don’t see the light. It’s because you didn’t present a solution that solved their problem.

You need them to tell you what their problem is.

Business owners work to solve problems. Marketers look for problems to solve.

Don’t look for problems. Listen and provide a solution if you have one. If you don’t, then let them know. You don’t have a solution for everything and you shouldn’t.

People respect humility over arrogance.

On that note, be sure to humble yourself. You don’t know everything and you’re not expected to. You’re expected to find the solution to a problem.

I’ll admit. When I first started out, I was a bit arrogant (I also realize I’m being pretty arrogant in this blog post…).

My word was law in SEO and even social media (though, I really didn’t know that much about social media at the time).

I knew a lot about SEO, but the thing with SEO is that a lot of it is really subjective. Google has over 200 ranking signals and they do their best to not give away their secret.

So I’d say absolute statements like, “Image titles and file names don’t affect rankings, only alt-text” or “Duplicated content negatively affects your ranking.”

In case you’re wondering, the first statement isn’t for sure known, but it’s a best practice… just in case (If I owned a search engine, I would definitely look at these). Regarding the second statement, I haven’t seen anywhere that duplicate content affects your rankings negatively.

But it doesn’t help the duplicated page.

I’ve even burned some bridges being arrogant and argumentative to other SEOs. Was I right in a lot of cases? Sure.  But it doesn’t matter.

The funniest part of all of this was I was never explaining any of this in detail to clients or prospects. So why the hell was I even doing it?

Humble yourself. You’re not a god and no one expects you to be. They expect you to be honest and personable.

It’s not your job to know the answers. It’s your job to find the answers.

Let me knock this one out right now. Your formula for marketing success or attracting leads isn’t a secret. I can guess it right now.

First you deploy an ad on social media (probably Facebook) that has an enticing offer in it to get signups. Like it’s some kind of sweepstakes. Just enter some information for a chance to get free {insert product or service}.

Then you get a bunch of (unqualified) leads.

You then use those leads and set them up in an email database that deploys scheduled emails. Probably 4 or 5 and the content changes depending on how they interact with the email (or don’t).

Those emails lead them through a “sales funnel”.

Your client then gets lots of still, unqualified leads. They’ll close some, but they’ll be shitty customers (oh sorry, you’re not supposed to know that yet).

Finally, you’re using ClickFunnels. Or some knockoff to do all of this.

This is a short term strategy. It’s not meant to get repeat customers or work forever. Does it work? Sometimes. But more often not. Especially if you’re not in the ecommerce industry.

Your secret isn’t a secret. It’s been beat to death.

The only thing worse than a used car salesman in the early 90s is a marketing entrepreneur.

I actually wrote a post about why people hate digital marketers awhile back. I encourage you to check that out if you have some time.

In the beginning, it was easy to sell things like SEO. High ticket items with minimal effort. At least it was for marketers at the time.

They (and still do) played on the ignorance of business owners. Throwing out buzzwords like “meta tags”, “alt-text”, “link equity”, etc. Things real business owners don’t have time to learn or understand.

“Sure, whatever, just take care of it.” Is typically what went through their minds.

It’s still the case.

But more and more business owners are catching on to that. They’re not stupid. In fact, they’re smarter than most people who call themselves marketers that rely on 3rd party apps like ClickFunnels.

If you want to stand out, you’re going to need to establish trust first. You need to help, not sell.

When I first started, I set out to become a resource for landscaping and lawn care business owners. I didn’t sell and I didn’t promote. I just helped and answered questions.

If you want to get an idea on how I “helped”, check out this link. Someone posted their website on a landscaping business owner forum for critiques. So I gave them… in detail.

I made it so if he wanted to do his own SEO, he could follow everything I said and didn’t need me.

This is the kind of credibility you need to build for yourself. It’s also the exact same thing that Gary Vaynerchuck preeches in his books “Crush It!” and “Crushing It!”.

SALES WILL COME.

They did for me. It just took a little while for the credibility to start building.

It’s no doubt that your business can’t succeed without sales. So naturally you feel like you need to be salesy and create an enticing pitch.

You don’t.

I would argue that being salesy and having such an exhuberant attitude when talking with a prospect is draining on them (and you) and keeps their guard up.

I find the most success when I treat them as a family member calling me. I don’t use any inflection in my voice, I don’t pretend I’m excited if I have nothing to be excited about, and I really don’t care if I get the sale.

The first thing you have to get through your head is that not all sales are good.

Trust me one this. You won’t. But I have to say it anyways.

Shitty clients are stressful. They’re the clients that want everything for nothing and make you bend over backwards for low margins. You don’t want this.

Instead, be an educator. Your leads should come to you. Not the other way around. To do this, you have to get your name out there.

  • Comment and help on forums
  • Write for industry related magazines and publications
  • Try to get featured on podcasts
  • Join social media groups (Do NOT pitch here. It’s an easy way to get booted and chastised)

Leads will come to you. And when they do, don’t be salesy. Vet your potential client and let them know you need to see if they are a good fit for you. Business is a two-way street.

They don’t have to buy from you and you’re not their slave.

The Office had a perfect example of this from the “best” salesman in the area.

Meredith: “So, you’re here to sell me some paper.”

Danny: “Well actually, no, Ms. Van Helsing, that’s not why I’m here. I’m here to meet you. To see if we’d be a good fit.”

Be a Danny.

If you didn’t dress in a suit and tie before you became a marketer, then don’t do it now. It’s not you. It’s inauthentic (I have a hard time saying anything relating to authenticity without thinking about Gary V. I feel like he could trademark that word by now).

No one’s buying it.

Your appearance and how you conduct yourself makes an impression. Unfortunatley, snazzy-dressed marketers look sleezy.

They should buy into you. Not someone you’re not.

Sorry for the long post

I didn’t mean to make this post so long. I had a lot to say, apparently.

The truth is, if you’re a marketer trying to get started, you have to realize you are a drop in the bucket.

If you’re trying to get noticed, you have to do what no one else is doing, and right now, that’s literally just being yourself.

If you’re a douche bag, naturally, you’re gonna have a hard time.

That’s all for now. I post a lot shorter content on my Facebook page if you want to give that a follow. Or don’t. I don’t care.

Why I Started Writing Book Reviews

Why I Started Writing Book Reviews

This post isn’t directed towards you or any part of any population. It’s directed towards me. I don’t think you need to write book reports on the books you read. I think I need to.

I’m not going to be writing these to get any kind of traffic or get people to buy books through my Amazon affiliation (although, why wouldn’t I link to them?).

I’m writing these because this is the best way I can remember what I read without rereading books.

 

Why write book reports?

The other night, I finished Rework by Jason Fried and David Heinemeier. It was a fantastic book. It’s now littered with highlights, notes, and brackets.

All of my books are.

I do this because it helps me find passages that I love. Direct quotes I can’t recall perfectly from memory.

I remembered everything about “Rework” after I read it.

I went to put it away on the bookshelf and pick up the next book to read. I picked up and put down books multiple times trying to make a decision. Finally, I settled on a book I bought in the Columbus Airport. One Thing by Gary Keller and held it in my left hand.

I glanced over to a different shelf and noticed The Master Key to Riches by Napoleon Hill. It was a book my business partner had recommneded to me months ago. I had started reading it but never finished.

I could tell because I had made highlights and notes a quarter of the way through.

I picked it up with my other hand and opened it on top of The One Thing I was carrying.

As I read through my highlights trying to figure out where I left off, something mortifying occurred to me.

I couldn’t remember a damn thing!

I’d highlighted sentences and bracketed paragraphs but had no recollection of the surrounding context.

I do remember this book being a terrible read and I can admit it probably bored me. But before I let myself give up on questioning why I couldn’t remember anything about this book, I looked at some of my other “favorite books” I’ve read.

Two of which being Dale Carnegie’s How to Win Friends and Influence People and William Zinsser’s On Writing Well.

I remembered a few things from those books but I couldn’t pull any quotes out of my head. On top of that, I couldn’t even remember the different topics On Writing Well covered.

This terrified me. I’m not going to read books over and over again until I get them drilled down. I should be able to read them once and remember most of the key details.

 

I had an idea

Recently, I had started taking Lean Six Sigma Engineering classes to get my green belt in the field. I’m taking it seriously because I care about what it teaches.

I prove that I care about the subject by the immense amount of notes I’ve taken. Often more notes than what the instructor says or writes.

I’ve noticed my rentention to a lot of these topics has been better than it’s ever been. Including high school and college. I don’t even have to look at my notes. I just remember everything and I’ve been scoring 100% on all my tests.

I figured if I wrote about a book after I read it, it would help me retain a lot more information. Even if it’s just a few more bits and pieces that I was remembering before.

Most people already knew taking notes and writing about things helped retain more information. I’ve never been a note taker and all of that seemed anecdotal to me.

It wasn’t until Lean Six Sigma that I realized just how much I was retaining.

 

How do I even write book reports?

I haven’t done this since middle school. So I guess the best thing to do is write it as if it were a blog post.

I’m going to break it down and structure it in the same format I always write:

  • Introduction
  • Why this topic is important
  • Specific things about the topic
  • Applying the topic to real life
  • Summary

I hope I’m not the only one that gets benefit out of writing these. It wouldn’t feel like a complete waste if that were the case… but a waste nevertheless.

So this is how my book reports (book reviews) will be structured in the coming posts:

  • Introduction
  • Synopsis
  • Notable Topics
    • Topic #1
    • Topic #2
    • Topic #3
  • How I can apply what I read
  • Who I would recommend this book to

 

I hope this helps

I hope this helps me remember more of what I’ve read in the past. It’s not that I’ve completely forgot. It’s just I need to flip through the book to job my memory.

I don’t wnat to have to jog it for every postive detail I’ve read. I just want to recall it at will or whenever the situation calls for it.

But I also want these book reviews to serve you well too. I want them to be interesting and pique your interest without you not feeling like you don’t need to read the books. As long as you think they’re a good fit for you.

If you have any recommendations for me, put them in the comments below and say a little about why you like that book.