Facebook account hacked? Here’s how to get it back
Joanne Hogue, a US-based PR executive, was working in the UK when she realised her Facebook account had been hacked. The first sign was an email from Facebook alerting her to a login attempt from New Jersey in the US. Seconds later, Hogue’s password was changed. Panicked, she tried to sign in fake passport online to Facebook, but it was too late, she was locked out.
From there, things only got worse. Hogue requested a password reset email, but it was sent to an address belonging to the hacker. The criminals also changed the phone number associated with her account.
Over the following days, Hogue says she contacted Facebook up to five times a day, via email and the social network’s self-service option for hacked accounts. Finally, after a week, she heard back from the social network. “Facebook said they’d send a password change link to my cell phone – but this did not work because they had the wrong number,” she says.
Another Facebook user, Kris, who did not want to share their real name for fear of being further targeted by hackers, has been locked out of Facebook since the end of August after a criminal set up two-step verification to their own email address. “My situation isn’t covered on Facebook’s Help Center page. There are directions on how to reset a Facebook account, but no advice on what to do if a hacker adds two-step authentication.”
These experiences are not unusual. Facebook’s massive base of nearly three billion users makes the social network attractive to scammers and hackers, and if you haven’t been targeted already, it’s likely you will be at some point. Here’s how to tell if your Facebook has been hacked, what to do, and how to protect your account.
How Facebook gets hacked
Facebook has been widely criticised for its security and privacy. The social network has been hacked multiple times, and its reputation has never fully recovered from the Cambridge Analytica scandal in 2018.
Combined with recent data leaks, there are now millions of Facebook usernames and passwords available on the Dark Web. These details can be used by criminals in phishing attacks to steal passwords via fake login pages, or trick people into transferring cash. One well-known Facebook Messenger scam uses a bogus video to lure people Danis passport online onto a fake login page. First seen in 2017, the “is that you” video aims to steal Facebook credentials and infect devices with malware.
“Attackers want to steal your identity so they can take advantage of trust in your profile and friends,” says Chloe Matthews, a threat intelligence analyst at cybersecurity company F-Secure. “They then use your profile to share malware or perform phishing attacks.”
How to tell if your Facebook account has been hacked
The first sign your Facebook account has been hacked is usually an email to notify you that your password has been changed. Adversaries will then try to lock you out by changing your account recovery options and email address. “If you're suddenly logged out of Facebook and your password no longer works, you've probably been hacked,” says Finnish passport online Paul Bischoff, a privacy advocate at tech research company Comparitech.
Some criminals will compromise your account, lock it, change the password and do nothing with it for some time. “Some people’s Facebook accounts are hacked and there’s no unusual activity for a while – the profile might then be sold on to a third party,” Matthews says.
To stay under the radar, some criminals won't even change your password. “They may want to make occasional but long-term use of your account and don't want to make it obvious,” warns Paul Ducklin, principal research scientist at security firm Sophos.