Suspect your Facebook account was hacked? Learn how to find out for sure, and steps you should follow to fix it.
The silent struggle of thousands of users whose Facebook accounts have been hacked rarely makes headlines. Facebook itself doesn’t offer much but a wall of silence and text. Do you know whether your account remains uncompromised?
If you suspect that your Facebook password was leaked or that your account was breached, act fast! Facebook hackers could lock you out of your account and hassle your friends and family. Secure your Facebook account now or get it back before it’s too late.
In this article we’ll show you how.
How to Know If Your Facebook Account Was Hacked
So how do you know your Facebook account was hacked? If a Facebook hacker managed to get into your account, they will leave a trace.
Log into your Facebook account and click the arrowhead in the top right to expand the Account menu. From that menu, pick Settings & Privacy > Settings and go to Security and Login.
At the very top, you’ll see a list of devices from which you’ve most recently logged into your Facebook account and when they were active.
Click See More to expand that list and review older sessions.
Other signs that your account may have been hacked include:
- Your personal data, including your password, email address (be sure to also check secondary ones), or name, was changed by a third party.
- Friend requests and private messages were sent from your account without your involvement.
- Your timeline contains posts you didn’t add or permit.
Note: If you’re using Facebook to log into other applications, like Spotify or Instagram, those applications have been involved in previous data breaches and may be targeted again in the future. So even if you don’t care about your Facebook account, we strongly recommend changing the respective logins or tightening your Facebook security to secure these third-party accounts.
If you spot any suspicious activity in your logins or have seen one or more of these other signs, you’ll find what you need to do below, in the given order…
What to Do If Your Facebook Account Was Hacked
If you have confirmed that your account has been compromised, here are the steps you should follow…
1a. Change Your Facebook Password
In case your Facebook hacker hasn’t changed your password, you got lucky! Immediately update your password before you log out of suspicious sessions (you don’t want to alert the hacker). If it’s too late, head to step 1b.
Under Settings > Security and Login, scroll down to Login and click Change password. Enter your current password, set a strong new password, and click Save Changes.
Log Out of Facebook Sessions
After changing your password, scroll back up to Where You’re Logged In. Either Log Out of individual sessions by clicking the three vertical dots or click the Log Out Of All Sessions option in the bottom-right after expanding the list. Do this only if you’re sure you can log back in.
Click Secure Account if you don’t recognize the location, device, and last activity. Click Get Started to trigger an automated step-by-step process of securing your account.
When you’re done, you’ll be sent back to your feed. If you still think your account has been compromised, proceed to Step 3.
1b. Reset Your Facebook Password
If the hacker did change your password and you need to recover your Facebook account, act quickly. Try to regain access. There is a Forgot your password? link underneath the Facebook login.
If Facebook can find your account, you can choose how to Reset Your Password.
NB: If the hacker changed your email address, you should have received a message to the original address. Find this message because it contains a special link that will let you reverse the change and secure your account.
In my case, Facebook offered to send a recovery code to any of the email addresses I added to my account. We highly recommend that you specify multiple backup email addresses. Remember that you must keep those accounts equally secure, at least by using a strong password and ideally by enabling two-factor authentication on your email accounts.
2. Report the Facebook Hack
If your account wasn’t simply hacked, but is sending out ads and spam to your friends, you must report it as compromised to Facebook using Facebook.com/hacked/.
3. Remove Suspicious Applications
Oftentimes, it’s not an evil person that randomly hacked your account. You may just have granted access to a malicious Facebook application which subsequently hijacked your account.
To remove suspicious applications, go to Settings > Apps and Websites and go through the list. Click See More to expand the list of Active apps and websites, set a checkmark on apps or websites you’d like to remove, click the Remove button in the top-right, and confirm whether you’d also like to “delete posts, photos or events posted on your timeline” from these sources.
4. Do Damage Control
After doing everything you can to regain control over your hacked Facebook account and prevent further damage, inform your friends and family about what is going on. This is a precautionary step in case the hacker has used your account to reach out to people. If you presently can’t access your account, contact your Facebook friends through other social networks, by email, or have a mutual friend inform them via Facebook.
Improving Facebook’s Privacy and Security Settings
Once you’re back in control, we highly recommend that you review your Facebook settings.
Under Settings > General, update your contact details, and add additional email addresses or mobile phone numbers that you have access to. Likewise, remove those you no longer have access to.
Head to Settings > Security and Login to set up extra security measures, including alerts about unrecognized logins and two-factor authentication, and to choose three to five trusted friends who can help you recover your account should you get locked out.
Under Settings > Privacy, choose the privacy settings you’re comfortable with. We recommend letting only friends see your future posts and retroactively limiting the visibility of past posts.
Note that the single most important security feature you can enable on any of your accounts is two-factor authentication. We strongly recommend that you set up two-factor authentication on your social accounts that offer this feature.