NordVPN

What to Do if You’ve Been Hacked on Facebook

Ben Taylor

Ben Taylor

August 11, 2017

If you get hacked on Facebook, you’re not alone. Statistics suggest that that 160,000 Facebook accounts are hacked every single day.

Although this is an improvement on the 600,000 daily Facebook hacks reported back in 2011, it’s still an eye-watering number. The figure brings into sharp focus the fact that Facebook hacks are far from rare.

This article discusses exactly what to do if you are the victim of a Facebook hack. First, let’s look at how you’re most likely to find out that your Facebook account has been compromised.

How to Know if Your Facebook Has Been Hacked

There are various ways it may come to your attention that something’s wrong with your Facebook account. Here are the most likely:

  1. You lose access to Facebook

If your account suddenly becomes inaccessible, and you’re positive you have the correct login details, it’s possible someone has gained access to the account and changed the password, locking you out in the process.

  1. Strange things appear on your timeline

If things start appearing on your timeline that you didn’t put there, or notifications suggest you’ve been “liking” or commenting on unlikely things, it’s probable that a hacker has targeted you.

  1. Friends report unusual Facebook activity

If your friends report that they’ve received unusual messages or friend requests from you, something’s amiss. In the case of friend requests, it’s possible someone is trying to duplicate your account and pretend to be you.

A Useful Way to Check Your Facebook Account

There’s a useful “hidden” feature within Facebook that will help. It can reveal whether someone has been accessing your Facebook account without your knowledge.

Open Facebook and click the menu icon (a small downward facing arrow in the top right). Next, click on “Settings,” and then “Security and Login.” Have a look at the “Where you’re logged in” section. Make sure you recognise the devices that show you logged in.

If there’s anything in here you don’t recognise, it may indicate someone is messing around with your account. It’s possible to click into a specific device and select the “Not You” option. This will lead you through a process of changing your password and securing your account.

This is a useful exercise. It will remind you of your recent Facebook activity, and allow you to backtrack on anything you didn’t do personally. It will also log you out of Facebook on any device other than the one you use to complete the process.

How Are Facebook Accounts Hacked?

Facebook accounts are hacked in various ways. Some methods are far from sophisticated. Here are some examples:

  1. Somebody cracks the password

If you don’t use a secure password for your Facebook account, it’s possible someone could hack in purely by guessing it or using a “brute force” style attack. Obviously, the way to prevent this is to use a complex, unique password. It’s also worth activating two-factor authentication, which we’ll discuss below.

  1. Someone uses the password recovery mechanism to change the password

If someone is able to correctly supply Facebook with the details you’ve given to recover your password, they could be able to change your password.

  1. A phishing attack tricks you

Many hackers use a combination of malicious emails and fake Facebook login pages to trick people into revealing their logins for Facebook (and other online services). If you fall for such tactics, this could cause your account to be hacked. Fake login pages can look extremely realistic, often with only the domain name revealing them not to be genuine.

  1. A virus or key-logger could be involved

If your computer or mobile device is infected in another way, perhaps with a virus that logs your keystrokes, this could have passed your Facebook login to a cybercriminal.

  1. Malicious apps

Not all Facebook apps are built with honest intentions. Sometimes finding out “Which Game of Thrones character am I?” could result in you installing something to weaken your account’s security.

These aren’t the only ways to compromise a Facebook account. It doesn’t always take a skilled hacker to do it. Shockingly, there are even online tutorials to help people hack Facebook.

What Can Facebook Hackers Achieve?

If suspect or know that your Facebook has been hacked, it’s time to take action. Someone who’s gained access to your Facebook account could do any of the following things:

  1. Target your Facebook friends for identity theft and other online crime.
  2. Get into your other online accounts. This is a risk particularly if they have the same login details, or make use of “log in with Facebook” functionality.
  3. Post statuses and send messages as “you.”
  4. Learn more of your personal details and read your private Messenger conversations.

This is just the start. The amount of personal information kicking around in most Facebook accounts is considerable. Have you ever messaged a friend your home address? Or sent someone your bank details so they can pay you back for some concert tickets? The chances are there’s enough in your account to allow a hacker to kick off some serious identity theft.

What to Do if Your Facebook is Hacked

Here’s what to do if you think your Facebook has been hacked:

  1. Assuming you can still access your account, click the menu icon (a small downward facing arrow in the top right). Next, click “Settings” and then “Security and Login.” Look at the “Where you’re logged in” section. Click on any of the devices that show you logged in. Next, click “Not me.” You can then follow the prompts to reset your password and secure your account.
  2. If you can’t access your account, visit Facebook’s “report compromised account” page. Select the most relevant option to your situation.

  1. Once you’ve changed your Facebook password, change all other logins that use the same password. If you follow the “best practice” of not using the same password for multiple accounts, this shouldn’t take too long!
  2. Run a full virus scan on your computer. Next, run a supplementary scan with a malware detector like MalwareBytes.
  3. Check your financial accounts (and continue to do so) if you have any suspicion whatsoever that the hackers could have accessed them. This is particularly important if you uncover a virus or keylogger on your computer. You may also wish to review your credit score/file to ensure nothing’s amiss.
  4. Once you’re sure your account is secure, notify your Facebook friends as to what has happened. Ask them to alert you if they see anything unusual relating to your account.
  5. Take steps to keep your account more secure in the future (see below).

Note: When you change your Facebook password, you’ll need to log in again on all the devices you use. This includes tablets and smartphones.

How to Keep Your Facebook Secure in the Future

If you’ve had your Facebook hacked once, you won’t want it to happen again. As such, here are some steps to help avoid it:

  1. Make sure the password you use is complex and unique to Facebook.

  1. Turn on two factor authentication (2FA). This adds a second login step when you access Facebook from a new device. The most popular 2FA method is registering a mobile phone. You’ll then have to enter a code that’s sent to you by text message. However, there are several alternative options available.

  1. Activate the “Get alerts about unrecognised logins” feature. This is within the “Security and Login” options.

  1. Consider using the “Choose 3 to 5 friends to contact if you are locked out” option. This allows trusted friends to help you gain access if your account is compromised. Make sure you choose friends you completely trust!
  2. Have a look through all the Facebook apps you’ve linked to your account. Remove any you don’t need.
  3. Refrain from giving Facebook permissions to any non-essential apps. (Yes, this may mean it’s less easy to find out which of The Simpsons you most resemble!)
  4. Be very suspicious of any emails that claim to be from Facebook. Also, be wary of logging in to anything unless you’re completely sure it’s the genuine Facebook page.
  5. Use up-to-date antivirus software on all your devices.
  6. Ensure you always log out of Facebook if you use it on a shared device. Better yet, don’t use it on a shared device.
  7. Regularly check the “Where you’re logged in” section of the security settings, as discussed earlier in the article.

A Facebook hack, like any other hack, is inconvenient and unsettling. Hopefully this guide will help you through it, and minimise the chance of it happening again.

Image Credit: Lewis Tse Pui Lung/shutterstock.com