It can be quite frustrating for Facebook users whose account has been hacked or taken over. Facebook itself doesn’t offer much to the users whose account has been compromised. That’s why you have to act fast if you suspect that your password was leaked or your account was breached.
Hackers can lock you out of your account and use it for the wrong reasons. Secure your Facebook account before it is too late. Let us walk you through the recovery process, along with a guide to securing your account in the future. You can read the security pointers to keep this from happening next time.
How to Know Whether Your Facebook Account Was Hacked
How do you know if your Facebook account was hacked? You can easily get to know that by following these steps:
Log into your Facebook account and click the arrowhead in the top right to expand the Account menu.
From the account menu, tap on Settings & privacy > Settings and go to Security and Login.
At the very top of the security and login section, you will see the list of devices that have recently logged into your account.
Click See More to expand that list and review older sessions. If you see any strange login, it means your account has been breached.
Other ways to find out if your account has been hacked or not:
Check if your personal data like your name, number, email address, and phone number have been changed by a third party. To check that:
- Go to your Settings > General.
- Check your full Contact information, i.e. click the respective field to expand it.
- You can see all phone numbers associated with your account under Settings > Mobile.
If friend requests and private messages were sent from your account without your knowledge, it means your account is being used by a third party. Here’s how you can check:
- Go to the Settings. Then go to Your Facebook Information > Access Your Information.
- Look over the various details to confirm if your account is compromised.
If your timeline contains posts you didn’t post, it can mean your account is compromised. To see your timeline follow the below steps:
- Click your profile picture in the top right. If you are unable to see your profile picture there, click the hamburger menu icon, then you should see your picture in the top left.
- Now check the timeline for new posts.
If you spot any suspicious activity on your account or your friends have told you about getting suspicious messages, follow the below guidelines to get your account back and secure.
How can you lose control of your Facebook account?
Accidentally left the account logged in
Sometimes when you borrow your family member or friend’s phone to log in to your Facebook account to do something important, they end up consuming content, posting or sending messages as a prank.
Even if your friends have access to your phone they can go to your account to send funny texts or posts. This is more of a prank than a hack. But it happens frequently so it was important to mention this. Here’s what you can do about it:
- Use Facebook’s security page to check and see where else your account is already logged in.
- You’ll get the list of devices. If you find any location other than yours, click on the three vertical dots in the right corner and force those devices to log out of your account.
- Next, change your password to something strong and unique.
- Remember to sign out of your Facebook account if you borrow anyone’s device to log in.
Even if your account isn’t hacked, it is advised that you routinely check the security page to make sure you haven’t enabled a login by mistake.
Imposter problem
There are times when some sick people use your photo and name to set up a new account. They pretend to be you and proceed to try to recruit your Facebook friends on their accounts. Here’s what you can do about it:
- To be honest, there isn’t much you can do about it. But you can tell your friends by posting on your actual account and make them aware of the imposter.
- Ask your friends to report the imposter, so Facebook will take notice of this cybercrime.
- You should also be aware while befriending someone on Facebook, only do it if you really know the person whom you are in contact with.
Opened an unknown link
Sometimes suspicious links go into circulation. Usually, when your friend’s account is compromised, you’ll get a link from them on Messenger which you’ll be eager to open. We warn you to avoid clicking on unknown and suspicious links. As soon as you click on the link, your account will also be compromised. A lot of users have gotten their accounts hacked due to this reason.
Password guessed
Someone guesses your account password and logs you out of your account. Although the chances of this happening are very low, it’s a possibility, especially when you have a weak and common password. If it happens, then this situation is the direst and most difficult to recover from. Whether you can recover your account will depend on what else you have linked to your Facebook account.
What to Do If Your Facebook Account has been Hacked
If you have confirmed that your account has been hacked, here are the steps you can follow:
Change Your Facebook Password
Your first response should be to try your Facebook account from the devices you’re already logged in to; the hacker may not have logged you out. If that’s the case, it’ll be very easy for you to get your account back. If you are lucky enough that the hacker hasn’t changed your Facebook password, we suggest you immediately update your password before you get logged out of your account. If your password has been changed, move on to the next step.
- Go to the Settings > Security and Login.
- Scroll down to Login and click Change password.
- Enter your current password, set a strong and unique new password, and click Save Changes.
- Next, you’ll see a Password Changed confirmation window. You’ll also get an option of Reviewing other devices or Staying logged in.
- Choose the review other devices option and click Continue.
- After changing your password, scroll back up to Where You’re Logged In. You can either log out of individual sessions by clicking the three vertical dots on each session and choosing Log Out, or choose the Log Out Of All Sessions option in the bottom-right after expanding the list.

We suggest logging out completely, but only choose this option if you are sure you can log back in. You don’t want to jeopardize your means of logging back in. If you’re unsure, then we recommend you to manually log out of all the recent sessions that look suspicious.
Reset Your Facebook Password
If the hacker changed your password, then you have to quickly reset your Facebook password to recover your account. You can choose Forgot your password? from the Facebook login page:
- You can change your password in several ways. Here are a few of them:
- First, you’ll have to Find Your Account by entering the email address, username, or phone number that you used to register with Facebook.
- Once Facebook finds your account, you can choose to Reset Your Password.
- If your email address changes then you will get a recovery code at your email address. Go to that link and enter a new password for your account.
- If your email address was changed, you should’ve received a message regarding that in your original address saying that someone is trying to change your email address. It’ll contain a message saying if this isn’t you, change your password. You will be able to reverse the change and secure your account.

We recommend you add multiple recovery email addresses. Make sure to remember the passwords of those accounts. Keep those addresses equally secure, and enable two-factor authentication on those email accounts.
If you don’t have access to these options, click on the No longer have access to these? option. Facebook will then verify your identity by asking for your national ID. This can take a while.
Report the Facebook Hack
Your Facebook account contains your private and business information, and if anyone gets their hands on your account they can put it to nefarious use. If a Facebook hacker has been abusing your account and sending ads and spam to your friends, you should report it as compromised to Facebook by going to Facebook.com/hacked/.
If you have lost your account through a phishing attack, you should report this to Facebook. Their support team will help you recover access to your account. Your account gets locked during the recovery process, so hackers won’t be able to intrude while you’re fixing your account.
Facebook will ask you to change your password, and after your account is secured you will regain access. Follow the below steps to start the recovery process:
- Click the small upside-down triangle in the upper-right corner of your Facebook homepage, next to your name and the Home option.
- Select Help from the drop-down list.
- Type hacked into the search bar.
- Select My account was compromised, phished, or is sending messages that I didn’t send.
- Click the Visit our Security page link. Then click on the My Account Is Hacked option.
- Now choose the blue My account is hacked text to display the secure it here link, and then click that link.
- Enter your password when prompted, then click the Continue button.
- Once clicked, Facebook locks your account until it’s secured again.
- Click Continue in the Secure Your Account window.
- Then, enter a new password for your account and retype it in the confirmation box before clicking “Continue.”
- Click Change password next to your email address to open your email address. It’s important to change your email address since it is connected to your Facebook to ensure that the hacker didn’t gain access to your email.
- Navigate back to the Facebook window and click Continue.
- In the Account Verified window, click Continue again.
- Select a security question, provide an answer in the text box, and click Submit.
- The following window verifies your account information. Confirm that the information is correct and place checkmarks next to any options you prefer under Turn On Extra Security Features.
- Press Login to return to your secured Facebook account.

Remove Suspicious Applications
Oftentimes, it’s not a person who has hacked your account but a malicious Facebook app that might have hijacked your account. Now it’s automatically posting content on your timeline. Here’s how you can remove suspicious applications:
- Go to the Settings > Apps and Websites and go through the list.
- Click on the See More option to expand the list of Active apps and websites.
- Checkmark apps or websites you’d like to remove. Then click the Remove button on the top-right corner.
- Confirm whether you’d also like to “delete posts, photos, or events posted on your timeline” from these sources.
- We also recommend removing all Expired applications and websites.

Alternatively, we recommend you change your app permission settings. Here’s how to do it:
- Click the View and Edit link
- Change the app’s permissions, which include options like app visibility, access to your personal information, and actions it can take.
If you use Facebook to log into other apps, immediately disconnect those apps; otherwise hackers can compromise those accounts as well.
Improve Facebook’s Privacy and Security Settings
Once you get your account back, you need to learn from your mistakes and make sure it doesn’t happen again. Learn how you can keep your Facebook account secure and stop hackers from compromising your account. Keep in mind that hacking tactics also evolve with time, so you have to keep reviewing your Facebook privacy and security.
Even if you haven’t been hacked yet, don’t wait for it to happen. Secure your account before it happens. We have made a list of pointers on securing your account. Make sure to do at least one of them as soon as you can.
Set up additional login security
Facebook offers you multiple options to keep your account secured; one of them is to use a two-factor authenticator app such as Google Authenticator or Microsoft Authenticator. Two-factor authentication uses your smartphone’s app as a part of the login process.
We highly recommend you set up two-factor authentication on all of your social media accounts. You can also set up two-factor authentication with your bank and credit card companies (but only with the ones that support this method).
After you enter your username and password while logging in from a new device, Facebook will ask you for a six-digit security number. You will get this security code on your Facebook phone app. The security code changes every minute, so you have to keep your phone close by while logging in from a new device.
After setting up two-factor authentication, you will have the option to earmark individual sessions as Not You. You get an instant notification on your phone as soon as some unknown device tries to log in to your account. Two-factor authentication will bring up a pop-up showing details of the location and device which is trying to log in to your account.
Here is how you enable two-factor authentication:
- Go to settings. Click Secure Account.
- Click Get Started to trigger an automated step-by-step process of securing your account.
- The next screen summarises the steps of the process. Click Continue.
Check for configured payment methods
You might think that you have never connected any of your bank accounts with Facebook. But Facebook has been here for a very long time and sometimes users forget about linking their bank accounts to Facebook. Here are two methods by which you can check for the configured payment methods on Facebook.
First, you can go to the payment methods page to check for any credit cards set up to make direct payments to individuals or causes, called Facebook Pay.
Second, you can remove any ad payment methods. If you are running any ad campaigns for your business, you will have to stop them first.
Remove connected apps and websites
As we mentioned earlier, you should remove any third-party apps that use Facebook credentials to log in. It’s never a good idea to link all of your accounts, like Spotify or Instagram. We strongly recommend changing the respective log-ins to tighten your security.
If any one of them gets hacked or compromised, all of your linked accounts will also face security threats. Now is the time to review and remove them. You will have to put in a little more effort while logging in to your other accounts, but you will also be able to protect your account from getting hacked or compromised. The same is true of removing any business integrations.

If you have a Facebook business page, you should give at least two to three people admin rights to your page. Here’s how you can do it:
- Go to Page Settings > Page Roles.
- Choose the option to add friends as admins, then click Save Changes.
If your business account gets hacked and you’re the only person who had admin rights to the page, it would be impossible to recover your page. All of the admins should turn on two-factor authentication.
Check your account’s email contacts
You should add at least one or two recovery emails where Facebook can send you notifications in case your main email address is compromised. Make sure to use different passwords for each email account. It might seem like a lot of work right now but it can make a huge difference if you ever got hacked. Here’s how you can do that:
- Log in to your Facebook account.
- Go to Settings > General. Now update your contact details and add recovery email addresses or phone numbers (only add ones you have the access to). Make sure to remove those you no longer have access to.
You can also add a recovery email by doing this:
- Log in to your Facebook account.
- Go to Settings > Security and Login to set up extra security measures. You can take security measures like alerts about unrecognized logins and two-factor authentication. You can choose three to four trusted friends who can help you recover your account if you ever get hacked or locked out.
Inform your friends
After taking all the necessary precautions and gaining control over your Facebook account, inform your friends what’s going on. Reach out to them to make them aware. Also when your account has been compromised hackers might have sent some suspicious messages to them. It is better if they know it wasn’t you and they avoid opening the contents of the message.
Think before you click
If you ever get a message with a link attached to it, don’t open it right away. Make sure to ask the person about the attached link. Their account might have been compromised and the hacker may have started a link-sharing chain; upon opening the link, your account can also be compromised. This caution is not only for Facebook but for Instagram, WhatsApp, and other social media apps as well.
Be aware of things that seem unusual
Make sure to be aware of your account activity. Look out for the posts you didn’t create, messages you didn’t send or the purchases you didn’t make. Sometimes hackers just silently use your account for their benefit. Here’s how you can tighten your account’s security:
- Log in to your Facebook account.
- Go to Settings > Privacy. Now choose the privacy settings like letting your friends see your future posts and limiting the visibility of past posts.
We hope this guide was helpful to you. If you come across any annoying error while browsing online, awsmtips have got your back. Stay secure!