Even technically savvy pals are being “hacked” on Facebook these days – here’s how to avoid it and make sure your account is fully recovered. Accounts are typically “hacked” when someone obtains your password in some way. That’s particularly problematic for Facebook because users frequently use Facebook to log into other services – so if someone gains access to your Facebook account, they have access to a slew of other services as well.
Your account can be “hacked” in a variety of ways. Perhaps someone is sending messages on your behalf, making posts in your name, or engaging in other strange behavior. You’re in luck if you can still log in; here’s what to do:
If you still have the ability to do so, change your password as soon as possible. Request a password reset if you are unable to log in. If that doesn’t work, it’s conceivable that the account’s email address has been changed. There’s a solution for it as well. Report the strange activity to Facebook so that they can assist others to avoid it.
Look through your security settings to see if you recognize any of the places you’ve signed in. If you don’t identify a location or device, select “not you?” from the three-dot menu. This will log you out and help you safeguard your account even further. Examine all apps and websites that have access to your Facebook account to ensure that you recognize them. As before, if you see something you don’t recognize, click “delete.” Check the e-mail addresses Facebook has listed for you in your general settings. Remove anything that isn’t yours from the list.
Now that you know hackers don’t have access to your account (in principle), change your password once more. It must be a strong password (with letters, numbers, and special characters). Don’t use a password that you’ve already used someplace else. Use a password manager, if possible, to keep track of all your different passwords, and use stronger passwords in general.
Two-factor authentication should be enabled. That means that even if your password was stolen, they wouldn’t be able to log in unless they had access to your phone or authenticator app.
Finally, reset your email password anytime something strange happens to your security or social media. It’s terrible enough to lose access to your social media accounts, but your email account is the Holy Grail for hackers, so changing your password on a regular basis (every 1-3 months) and anytime something unusual occurs is a smart idea.
The most typical technique for a Facebook account to be hacked is for the hackers to deceive you into giving them your password. You can get a Facebook Messenger message from a buddy asking, “OMG did you see who died?” and including a link. When you click the link, it appears to be Facebook, but you’re asked to log in again.
You don’t think much of it and punch in your email and password… Uh-oh. Problem: You just supplied your login to a site that isn’t truly Facebook, and they now have your password.
Following the steps above and enabling two-factor authentication is the best method to avoid this. Then be cautious: are you logging into a site that begins with https://www.facebook.com every time you log in? If it doesn’t look like ffacebook.com or facebook.this-is-a-security-notification.com, don’t put your password in. If you’re using a web browser, the safest option is to manually type Facebook.com into the URL bar.
Keep in mind that the Facebook app includes a browser. So while you may be ‘in’ the Facebook app, it may prompt you for a password. It appears to be legitimate — how could it not, given that it’s the Facebook app — but think about it: why would it ask you to log in if you’re already in the app? In a nutshell, if it appears strange, it is strange – don’t fill in your password! Check-in on the apps that have access to your Facebook account on a semi-regular basis (see above). Delete an app if you recognize it but haven’t used it in a while and don’t think you’ll need it. It’s always possible to add it afterwards.