Move quickly.
Much like email, it's not uncommon for someone, somewhere, to gain access to someone else's Facebook account and use it to post spam or worse. Sometimes the account password is changed; sometimes not. Sometimes traces are left; sometimes not.
Sometimes the entire account is destroyed, and you can lose your account permanently.
If you think that has happened to you, here's what you need to do next.
If you suspect your Facebook account has been hacked:
- Recover access to your account
- Change your password
- Check or set your account recovery information
- Let your contacts know
- Learn from the experience
- Get help if you need it
1. Recover your account
Log in to your Facebook account right away. If you can, consider yourself very lucky and proceed to step 2.
If you can't log in, even though you know you're using the correct password, then the hacker has probably changed your password.
Proceed to my article, How Do I Recover My Facebook Password? Facebook includes several recovery options -- provided you set them up beforehand. As long as you did, these may allow you to regain control of your account and reset your password.
If that recovery method doesn't work -- perhaps because the hacker has altered all the recovery information, you don't recall the answers, you no longer have access to a recovery email or phone, or you never set up any recovery information in the first place -- Facebook has a couple of additional approaches to try.
Get Help from Friends is a technique where you tell Facebook the names of a few friends with whom you're connected on Facebook. Facebook sends them the recovery information, which you collect from them and provide to Facebook to recover your account.
If your account really is hacked and you're unable to regain access, you should report it to Facebook as being hacked by visiting this URL: facebook.com/hacked. That page also offers additional steps to attempt to regain access to your account.
VERY important: If you cannot recover access to your account, it is now the hacker's account. Unless you backed it up, everything in it is gone forever, and you can skip the next two items. You'll need to set up a new account from scratch.
2. Change your password
When you regain access to your account, or if you never lost it, immediately change your password.
As always, make sure it's a good password: easy to remember, difficult to guess, and long. In fact, the longer the better. While I couldn't find a definitive answer on the maximum length allowed by Facebook, I've seen anecdotal evidence that passwords of at least 50 characters work.
But don't stop here. Changing your password is not enough.
3. Change (or set) your recovery information
While the hacker has access to your Facebook account, they may elect to leave your password alone. That way, you may not notice the account has been hacked for a while longer.
But whether they changed your password or not, they may go in and change the recovery information.
The reason is simple: when you finally get around to changing your password, the hacker can follow the "I forgot my password" steps, reset the password out from underneath you, and hack your account again using the recovery information they set.
Check the email addresses associated with your Facebook account and remove any you don't recognize or no longer have access to. The hacker could have added his own. Make sure all the email addresses belong to you and that you will continue to be able to access those accounts.
Check any phone numbers associated with the account. The hacker could have set their own. Remove any you don't recognize, and make sure that if a phone number is provided, it's yours.
Overlooking information entered for account recovery could allow the hacker to hack back in. And, of course, failing to set any recovery information dramatically lessens the chances of recovering a hacked account. Take the time to carefully review and/or set up this information.
4. Let your contacts know
Some people may disagree with me, but I recommend letting your friends know your account was hacked, particularly if your account was posting spam while out of your control.
I believe it's important so they know not to pay attention to posts or messages made while the account was out of your control. They can also be on the lookout for phishing attempts using information the hacker may have gathered from your account while they had access to it.
5. Learn from the experience
One of the most important lessons to learn from this experience is to consider all the ways your account could have been hacked and take appropriate steps to protect yourself from a repeat occurrence.
- Use long passwords that can't be guessed. Use a password vault so you can set truly secure passwords.
- Don't share your password with anyone.
- Don't fall for phishing attempts. If they ask for your password, they are bogus.
- Don't click links in email or private messages you aren't 100% certain of. Many phishing attempts lead you to bogus sites that ask you to log in and steal your password when you try.
- If you're using WiFi hotspots, learn to use them safely.
- Keep the operating system and other software on your machine up to date and run up-to-date anti-malware tools.
- Learn to use the internet safely.
- Consider enabling Facebook two-factor authentication, where simply knowing the password is not enough to gain access.
If you are fortunate enough to be able to identify exactly how your password was compromised (and that isn't common), absolutely take measures so it never happens again.
6. If you're not sure, get help
If you're having difficulty with the process, you can ask Facebook for help. It's unclear how responsive they are, and I wouldn't expect a quick response by any means, but it may serve as a last resort.
While you're at it, find someone who can help you set up a more secure system for your account by following the steps above.
The reality is, you and I are ultimately responsible for our own security. That means taking the time to learn and set things up securely. Yes, additional security can be seen as an inconvenience. In my opinion, dealing with a hacked account is significantly more than inconvenient. It's worth the trouble to do things right in the first place.
If that's still too much, well, expect your account to get hacked again.
Good point re Facebook. However also beware an eBay scam which simply says :
eBay sent this message on behalf of an eBay member through My Messages.
Dear member,
eBay member sprouts-n-gerbils has left you a message regarding item #271224584134
Click here to view the message
( there will be a hyperlink here leading to a website )
Regards,
eBay
Needless to say, the item number doesn't exist, but you can bet your last $ that the link leads to somewhere nasty.
Another Facebook set up tip for safety – set facebook so that it tells you if “you” log in from a new computer. That gave me a big heads up when it said that I had logged in from a computer 1000+ miles away. A spam message was posted as a comment by “me”.
Facebook had tools readily available to report and erase the message and suggestions for securing my account again.
Facebook also has a plan that I use. Whenever I log in from a different computer, they send a code to my cell phone. If the code is not put in, I (or anyone else) cannot log in to my Facebook account. Love it!
Re: changing the answer to the security question. I can’t even find the mechanism for doing this in the current UI. I looked in the help section, and all I could find was that you can’t change your security question, with no link to the question itself.
Also, Facebook gives me a warning message when I try to enable login approvals:
Your current Firefox settings might make it hard to use Login Approvals.
It’s probably because:
You sometimes clear your cookies.
Your browser is set to automatically clear cookies whenever it closes.
You use your browser’s “private browsing” or “incognito” mode.
You’re using a new browser.
It may take a few days after fixing these issues before you will be able to enable Login Approvals. You also may need to log out and then log in again after fixing these settings for the changes to take effect.
Visit the Help Center for step-by-step directions on how to fix these settings.
My browser doesn’t do any of the cookie manipulations mentioned, nor do I browse in private mode. WTF?
If my problem seems questionable, I'm surprised. I own an iPad (no phone) which is almost always asked to provide my mobile phone number. If I try adding my landline, they say I will receive a verification code at the phone number I gave so I can then enter it to continue access. Of course I'm unable to receive a call on my landline. I also still agree to renew a forgotten password via a certain email. The mail they send can't be processed without verification from me. Only they won't confirm my new password until I get to it inside the very email I'm unable to enter without answering their request within 3 hours. 3 hrs or 3 days, how else can I retrieve my new password if I'm unable to get access to it?
I got a spam message in my Facebook ID, and as I didn't know about spam, I clicked on it and then my ID also started sending spam. But as soon as it was possible, I deleted the post. The next day when I tried to log in, Facebook sent me the message that your computer has malware, you need to clean it! and I wasn't able to open my account. I downloaded Kaspersky and scanned my computer, but it didn't find any malware. I really don't want to lose my account. Please help me and guide me on how to restore my ID!
Fun fact: I was logged in on my mobile, so until now I am able to use Facebook on mobile. But it isn't a permanent solution! [Please help!]
My account was hacked on Thursday the 25th, 2015, and the hacker removed my phone numbers and changed my password. But I have found the person that did it. I also have his number and his name as well. What can I do then, because I don't want to lose my account?
There’s probably nothing you can do other than to contact the police. Once an account is stolen, technical solutions may be impossible.
Please sir... I opened two Facebook accounts with the same number; now I don't have access to the former, only the latter, which I don't like. I want to recover my former account. Are there chances that I can do that? Can I destroy the latter for the former? If so, what are the steps... Please sir, I really want my former account back... help me please.
I’ll start you here: http://ask-leo.com/how_do_i_delete_my_facebook_account.html
My problem is that I noticed my account was hacked after I had gotten a new computer. I went to the "secure your account" step, but it says I have to answer security questions before I can log in because it's from a device that hasn't logged in before. Surprise surprise, the hacker changed the security questions. I now have to identify a bunch of pictures of strangers from all the new people the hacker has connected to from the account. As far as I can tell, it is impossible to do anything at this point.
Yes, the only way to secure your account from hackers is to answer security questions that a hacker can easily change the instant he takes control of your account. Brilliant, Facebook. A+ security measures.
Thanks for the help, but actually I'm not tech savvy, so I don't know much about Facebook settings and all... Can you suggest something on how to know who has hacked my account?
There’s no way of knowing without help from law enforcement, and unfortunately, they usually have other priorities in most cases.
Hi Leo,
Here’s my story. I was on my Facebook yesterday and when I tried to refresh the news feed I was prompted to re-login. When I did this I was notified that my password was reset 10min ago. I didn’t do this so I knew I was hacked and followed steps to lock my account. I do not have access to my Facebook email and it isn’t possible to get access (I tried). I used the trusted friend method. I didn’t previously set this up but I was instructed to pick 3 friends from 3 groups of pre-selected friends. Because I could only pick from specific groups, I couldn’t pick exactly who I wanted. Anyway, 2 of the people I picked don’t have access to their Facebook email and the 3rd never received an email. I talked to 3 different Facebook friends in person today and they were willing to help since they all had access to their Facebook emails. However, when I try to go through the trusted friend process again and pick the friends I spoke with, I can get right to the end and then it won’t send the codes because I already started the process before. I can prove it’s me if I can pick new trusted friends. Is it possible to do this? I reported this incident to Facebook but I don’t expect to get a reply anytime soon. Please try and respond to my questions below.
1) I noticed the hack 10 min after my password was changed and clicked the lock account button. I was unable to follow through with resetting my password, but was my account still locked at that time?
2) My friend says my profile doesn’t exist anymore, is this something the hacker did or that Facebook did when I pressed “lock my account”?
3) Can I get the trusted friends I chose to access the codes through their Facebook accounts since 2/3 can’t access their email and the other didn’t receive the code?
4) As mentioned above, can I change my trusted friends after I already chose 3 after the hack?
Thanks in advance for your help, I really appreciate it.
5) Will facebook reply to my report, and if they do will they actually do anything to help me?
All your options are in the article you just commented on. You may not be able to recover your account.
Is it possible for someone to view your facebook inbox messages without knowing your password? Thank you
Only if there’s malware on your computer, or if they’re looking over your shoulder.
The golden rules of social media accounts:
1) put all access totally public
2) keep parallel contacts with “friends” (e-mail for instance, or phone numbers)
3) don’t use it as a storage medium
1) If you don't want the world to know, then don't put it on a social media account. As such, there's no possibility of being embarrassed if your account gets hacked, and you will get the security reflex of never ever putting something private or confidential on such a thing. You don't want your child's pictures to travel the whole internet? Then don't put them on a Facebook account. You want to show off to your friends with a nice picture of the moon you took? Go ahead, everybody can see it, no harm if it is public.
2) The worst thing that can happen to you when your account gets hacked, is that the new owner impersonates you to do nasty things. But that can only harm your relationships with “friends”. Let them simply know that your account got hacked and that they should ignore it now, and make a new account.
3) Keep of course copies of everything that you put there, if you value it (like pictures and the like).
As such, a social media hacked account is just a slight nuisance, and not the social drama it often turns out to be when you use insecure things such as social media for private, reliable and confidential material. It should be like a hacked discussion forum account. Just make another one, let everybody know that your previous account got hacked, eventually ask the moderators or administrators to ban it, and that’s it.
If you live a second life on facebook, then you are putting yourself and your environment seriously in danger. You could just as well put public web cams in all the rooms of your house. Don’t.
Ditto… though I would extend that to:
1) If you don’t want the world to know, then don’t put it ANYWHERE or ANY WAY (like Skype, Facetime, cloud, anything.) It keeps life a lot simpler.
Hackers removed my cell phone number from my account. And when they did, Facebook automatically disabled login approval so I wouldn't be locked out. Below is the email I received from FB. My question is, how do I prevent FB from disabling login approval so hackers won't have access to my account?
Hi Sandra,
You recently removed your primary phone from your account. Because of this, we turned off login approvals on your account to ensure that you don’t get locked out when using an unrecognized computer or mobile device to log in.
If you want to use login approvals again, you can add a mobile phone and then turn on login approvals again.
Thanks,
The Facebook Team
You don’t have login approval enabled because you no longer have a phone number associated with your Facebook account. According to the message you received, adding a mobile number will allow you to turn on login approvals. And make sure you’ve done everything this article recommends.
But, I had login approval enabled. And, hackers were still able to get into my account and remove my cell phone number. They removed my number, not me. The only reason I was made aware of this is because I received an email notifying me of the changes. I have added my number once again, enabled login approval and changed my password. It just seems crazy to me that they were able to delete my number which then prompted FB to disable login approval.
I had a horrible situation happen and I want to know how it happened; it has been a nightmare for me with trust with my boyfriend. My BF received a message on his Messenger that was sent as me from my Messenger to his, but I didn't do it. When I opened my side, the message sent wasn't there, only on his; even the messages I sent to him the prior day were not there either. My side looked like a fake Messenger created to cause this horrible problem. How was it done?? Please help me with your answer.
There’s no real way to know exactly how. What would you do with the information if you knew?
Closing comments here as this article seems to have become a magnet for hackers and hacking services.