Dealing with a Hacked Facebook Account: Prevention and Response Tips

Between messages, friends and even interests, a Facebook account brings together a significant amount of personal information. If your Facebook profile ends up in the wrong hands, the consequences are painful for you and your loved ones. A malicious third party can trace your messages in order to find clear passwords, banking details or compromising information.

Fortunately, Facebook has provided tools to effectively secure your account, and even recover it quickly if it has been the victim of an attack. This article is here to learn how to recognize if a profile has been hacked, how to regain control of it and the best practices to follow to avoid this scenario.

What clues should you look for to find out if your Facebook account has been hacked?

A Facebook profile can be hacked without the owner realizing it. This is possible if double authentication is not activated (this adds additional protection, in addition to the password). The easiest way to check if your account has been used by another person is to view recent activity.

First thing to do: check your profile, which allows you to see if any new publications have appeared on your wall. The same goes for messages. Taking a quick tour of Messenger is a good opportunity to make sure that all discussions are legitimate and concern you.

Other clues are used to check that your Facebook account has not been hijacked. This is the case for personal information: it is advisable to check its accuracy, particularly the email address and date of birth. Hijacking the email could make profile recovery more difficult.

Finally, it is possible to see your personal history from the Facebook profile. This history includes all activities : searches for your comments, liked pages, followed users and so on. On the mobile application side, it is available in the profile settings, in the “personal history” category.

Another indicator that is valuable in determining whether a threat is looming is the receipt of emails with password-related subject lines (specifically, a reset attempt). If you are not the originator of these emails, it is likely that a third party is trying to connect to the account by testing several approaches.

What are the risks when you get Facebook hacked?

There are several dangers to be noted if you lose control of your profile on the social network because of a malicious third party who hacked you.

• Identity theft: the hacker can pretend to be you, publish content in your name, send messages to your contacts, exploit your personal information, including photos and videos;
• Theft of personal data: your information becomes accessible without restriction to the malicious person. Depending on what you shared, this could be your email address, your phone number, your date of birth, or other more or less sensitive elements.
• Violation of private correspondence: your private exchanges on Messenger are also likely to be read by the hacker (a risk likely to be reduced, however, with end-to-end encryption and the Messenger PIN code).

• Spreading malicious or harmful content: the attacker may publish inappropriate or illegal content to harm you. He could publish offensive texts or files, likely to damage your image among those close to you.
• The threat to your other accounts: if you do not make the effort to use a different password for each service or account, hacking your Facebook profile constitutes a risk for your other accesses. Whoever attacks you could try to enter your other spaces with this same code.
• Trouble for your loved ones: by pretending to be you, the nasty hacker can try to carry out influence operations on your contacts. The objective? Hack them, scam them, trick them into handing over personal data or sensitive information, and so on. This, among other things, uses trapped links.

How to recover your hacked Facebook account with the Hacked page?

If you suspect suspicious activity on your Facebook profile, or if you are certain that there is a stowaway on your account, the most urgent thing is to change their password immediately — if you still have access to the social network. Choose a strong password. This will significantly reduce the risk.

If no security measures have been set up, a third party can change your password if they know the old one. In this case, the social network has planned a special page allowing you to recover an account even if the password has been changed. Facebook will ask you to log in with the old password, then confirm your identity using a code sent by email or SMS.

In the case of suspicious activity, the social network may temporarily block an account. Its reactivation will require checking the emails and telephone numbers linked to the account. If some of these elements do not belong to you, it will be possible to delete them in order to block access to the malicious third party who hijacks your account. The password will then be reset.

The case of identity theft

Identity theft, or pretending to be someone else (in this case, you), is commonplace on the web. Facebook is no exception. Fortunately, there are parades. Simply go to the malicious profile and select the three little dots under the cover photo to report a profile. A form available at this address allows you to do the same thing if you are not registered on the community site.

What appeal in case of account hacking?

To avoid reaching the point where your Facebook account is hacked, the social network has implemented measures capable of better securing the account. By activating them, stealing an account becomes very complicated, if not impossible. These few measures to take are therefore essential to ensure the security of your profile and your data.

Enable two-factor authentication on Facebook

This is the best lever to quickly and strongly secure your profile. Once activated, double authentication (also called strong authentication or two-factor authentication) requires the registration of a one-time code when logging into the account, after giving your password.

Three methods are available:

• A code is sent by SMS to your phone. This is not the safest method, but it is easy to activate.
• An authenticator app like Google Authenticator generates dynamic login codes to securely access your account
• Associate your Facebook account with a U2F security USB key. Like the key to a safe, it is essential to connect to a new device. A radical solution, but as secure as possible.

These options are available in Facebook settingsin the “security and connection” section.

Receive alerts in case of unrecognized connections

It is also recommended to configure Facebook so that you are alerted as soon as someone tries to connect (or actually connects) to your account. An option is present in the app settings. If such an incident occurs, you will receive an email and a notification — especially if a connection comes from a device or browser that is not recognized.

If you are not the cause, it would be better to change your password immediately. Also check that double authentication is active.

Keep your information up to date

In the event of a hacked account, Facebook uses the information it has to restore legitimate access to it. The social network will notably need the telephone number, as well as one or more email addresses to send confirmation messages or connection codes.

It is essential that the information held by Facebook is up to date, in which case the platform will not be able to authenticate your identity. Indeed, the site must also protect itself from fraudulent requests, where a harmful third party poses as a victim. The social network must therefore have proof that you are legitimate.

It is possible to link several email addresses to your Facebook account. This can be useful if several online accounts are hacked. Be careful though to use different passwords so that a single code cannot be used to unlock all your spaces on the web.

Who to contact if your Facebook account is hacked?

Facebook provides a help tool. You will need to answer some preliminary questions, to help the social network understand the exact nature of the problem. Then, you will see the steps to take to regain control of your profile. There are two procedures: if you still have access to your account or if you can no longer log in.

If you still manage to connect, you can report your concerns about possible fraudulent access to the community site. In the other case, Facebook will offer to send you a link to the email associated with your profile to reset the password.