Your IP: Unknown · Your Status: Unprotected Protected

Blog How-To

What to do if your Facebook is hacked (and how to stop that from happening)

Mar 22, 2018 · 6 min read

What to do if your Facebook is hacked (and how to stop that from happening)

Most people know that Facebook is a nightmare when it comes to privacy, but what many don’t realize is that it can also be a huge online security threat. That’s why we’re going to break down what to do if your Facebook account is hacked.

How to know if you’ve been hacked

Facebook is a complex service when you look under the hood, so sometimes, what may seem like a hack might just be a quirky security function, setting, or app you weren’t aware of. What are the signs of a real Facebook hack?

  • Strange messages from your friends
    When a hacker gains access to your Facebook account, they’ve essentially stolen your identity. Using your name and face, they can message your friends and claim that you’ve gotten into an accident or other trouble. Of course, they’ll then ask your friends to send money to a certain bank account (spoiler alert: it won’t be yours). If you receive a message from one of your friends that seems like they might be referring to an event that didn’t happen or something you didn’t send, you need to act quickly. Secure your account and warn all of your Facebook friends so that nobody else falls for the hacker’s trick.
  • Actions you know you didn’t take
    Not all hacks are as overtly malicious as the one described above. Some are content to use your account to like pages (controlling an army of compromised accounts in this way is a profitable service) or to give fake accounts a veneer of legitimacy by friending them. Every post in your feed has some indication of where it came from. Some are ads, while other are posts that your friends have posted, liked, or commented on. However, if you start seeing posts from pages that Facebook says you’ve liked (but you’re sure you haven’t) or from people you’ve never friended, that may be a sign that your account has been compromised.(Note: If you’re getting posts from a page you’ve never liked, there’s also a chance that the page was bought and repurposed. Either way, it’s a good opportunity to check whether your account is secure.)
  • Your account has been logged into by someone other than you
    This one may not be immediately obvious if the hacker is content to simply retain access to your account, but there is an easy way to tell whether this has happened. Just check whether any devices have logged into your Facebook that you don’t know about. I’ll show you how later in this post when I share a few ways to make your Facebook account more secure.
  • Your usual password no longer works
    If your password isn’t working, you’re positive you’re putting it in right, and you haven’t changed it, that might mean that someone has taken over your account and locked you out. Fortunately, there are a few different ways to recover your Facebook account. You can use your email, your phone number, or another method that I’ll cover below.

My Facebook was hacked! Now what?

Time is of the essence. Facebook has a special page that will know what to do if your Facebook is hacked. First, however, it will ask you how you know you’ve been compromised. As I mentioned before, some potential symptoms of a hack may simply be caused by lax security settings.

First, the Facebook tool asks you how you know you've been hacked.

Choose whichever option is relevant for your case. Even if it’s not an actual hack, this tool will guide you through resolving your issue and tightening your security settings.

If it is a hack, the tool will immediately move to change your password and lock out unauthorized access to your account.

The tool will help you secure your Facebook account.

Click here to access the Facebook account hack emergency tool.

Phew! Your account should be secure – for the time being. Now, it’s time to undo any damage that the breach might have done. If you know that fraudulent messages were sent to your friends from your account, be sure to notify ALL of your friends that your account was hacked and that any requests you may have sent them were probably false. If you believe that the threat may have come from a suspicious Facebook app or game – delete it!

How to make your Facebook account more secure

Fortunately, Facebook has a number of settings that make it easier to keep your account secure. If you used the emergency tool mentioned above, you may have already covered some of these, but they’re worth going over separately.

Let’s start with the easiest part – your Facebook security settings. Start by clicking on the tiny arrow on the upper right corner of your Facebook page and selecting “Settings” from the drop-down menu.

How to find the "Settings" tab on Facebook.

Find the Security and Login tab – it’s the second from the top on the left.

This is where you'll find the Security and Login tab in your Facebook settings.

You’re in! This page has a TON of useful features, so let’s take it from the top:

Where You’re Logged In

This panel shows you where in the world there are devices that are logged in to your Facebook account. Ideally, this list should be limited to the devices you know you use Facebook on – your desktop computer, laptop, smartphone, and/or tablet. If you see a device on the list that you don’t recognize, don’t panic – it might be a temporary session somewhere that you forgot about. If there is a device on the last that you know couldn’t have been you, immediately run the Facebook hack emergency tool and then clear all of the sessions on this panel if they still remain.

Clearing this list regularly is a good idea. If you log in at a friend’s house or somewhere else, this will make sure that nobody can accidentally wander into your account.

Setting Up Extra Security

Set up extra security features to keep your Facebook secure.

There are three features on this panel and they’re all great at keeping your account secure.

  • Get alerts about unauthorized logins does exactly what it sounds like. If an account connects or attempts to connect from an unusual location or device, you’ll immediately be alerted so you can take the necessary precautions.
  • Two-factor authentication is a powerful tool for keeping your account secure. Every time anyone wants to log in to your account, they’ll have to enter a special code provided on the spot by Facebook (you can choose different tools when you turn this feature on). If someone steals your password but doesn’t have your phone, they won’t be able to access your account. Learn more about the advantages and risks of two-factor authentication here.
  • The last feature is self-explanatory – choose 3 to 5 friends to contact if you get locked out. Technically, this doesn’t make your account more secure, but it can help you recover it if you get locked out or if you forget your login information. The friends you choose will receive codes that will let you back into your account. Make sure you trust them!

Change your password

It’s important to keep track of which devices have access to your Facebook and to avoid malware, but there’s an even easier way to help keep your account secure – create a strong password! We’ve got some great tips on avoiding weak passwords and creating strong ones.


Daniel Markuson
Daniel Markuson successVerified author

Daniel is a digital privacy enthusiast and an Internet security expert. As the blog editor at NordVPN, Daniel loves to serve up generous helpings of news, stories, and tips to help people stay private and secure.


Subscribe to NordVPN blog