NORFOLK, Va. (WAVY) – It’s a cautionary tale from a Norfolk restaurant.

Orapax has a rich history in Norfolk. It has been serving Greek food in the city for more than 50 years.

“It’s special. My grandfather owned it initially,” said Orapax general manager Nicole Moshenek. “We’ve been here a long time and have a lot of regular customers.”

Like other businesses, Orapex started using social media around 10 years ago to advertise and build relationships in the community.

“We’ve seen a large growth,” Moshenek said. “We’ve spent years building this platform and this brand and community on there that was following us.”

Recently, that platform was stripped away.

“I wasn’t able to see messages coming in from customers anymore,” she said. “Then I was looking for our page and I didn’t have admin rights.”

Someone hacked into the social media account.

“I wasn’t able to advertise anymore and it was very frustrating,” Moshenek said.

She tried reaching out to Facebook but that was an impossible task.

“I wasn’t able to get anyone on the phone,” she said. “It was a lot of back-and-forth emailing.”

She wasn’t able to get any help from Facebook.

She turned to Valor Cybersecurity, hoping to get the account back.

“If someone can get this page back, it’s invaluable to us,” Moshenek said.

It’s something the CEO of Valor Cybersecurity is seeing a lot of.

“We’ve seen many businesses have their Facebook account taken, said Valor CeO Greg Tomchick. “They can use a credit card on it. They can leverage the pre-existing trust to give them monetary actions and scams.”

Tomchick said the fix isn’t easy.

“There are ways to submit tickets through Facebook,” he said. “It usually takes two to three months for a response,” he said.

Tomchick said the last resort is trying to get the account back by hacking the hacker.

He is slowly inching closer to recovering the account.

Both Tomchick and Moshenek are sharing this story in hopes you and other businesses can keep your account secure so this doesn’t happen.

“Having a real secure password, changing it every once in a while,” Moshenek said.

Said Tomchick: “Make sure you have two steps to get into any account that will stop 90% of these attacks. … Make sure you don’t have credit cards linked on the account.”