Shortly after midnight on July 9, Khalidi received an alert from Facebook’s security team for a suspicious log-in attempt. But the web browser mentioned by the security team in the email was never used by Khalidi.

Soon after, Facebook sent another alert notifying that Khalidi’s password was reset. The second email mentioned that his personal phone number was used for the reset. Khalidi said he never requested the reset, nor did he receive any authentication or verification code on his handset.

Here lies the scary part: cyber security experts believe that the hacker has used a cloned SIM, shutting down the original card for brief moments and leaving the user in the dark. But checks with the relevant telecom carrier into the user logs will probably unpack the mystery.

Facebook sent a similar email into Khalidi’s official account with the bdnews24.com domain at the same time with the same alert — “an unusual log-in”.

Two minutes later, Khalidi received a new email notifying that he requested a copy of his Facebook information. He said he never asked for one.

As the night wore on, Khalidi received another email at 1:15am — this time with a far sinister message. All the data in his account was ready for download, Facebook said in the email with instructions for how to get them. 

It was an attempt to take control of his Facebook account and copy the data in it, Khalidi alleged.

This account is linked to Khalidi’s verified Facebook page (https://www.facebook.com/t.i.khalidi) and bdnews24.com’s official Facebook page (https://www.facebook.com/bdnews24/).

He fears that the personal data, if obtained through hacking, can be used in harmful criminal activity, according to a complaint filed with the Banani Police Station.

“We will take necessary steps after an investigation,” said Police Inspector (Operations) Md Saihan Oliullah after a bdnews24.com reporter filed a general diary (No. 688) on behalf of Khalidi on Wednesday night.

In an attempt to keep his account secure, Khalidi changed his password, minutes before he received the final email, but he is not sure whether someone downloaded his Facebook account information in the meantime.

bdnews24.com spoke to two cyber security experts to make sense of the “attempted hack”.

“Both have said it seems someone used a cloned SIM after deactivating the original card,” a spokesman for bdnews24.com said. 

“Toufique Imrose Khalidi will not receive any verification code if his SIM is shut down, but the person with the cloned SIM can change the password after receiving the code.”