At a Glance
Social media accounts, like those offered by Facebook, are popular targets for hackers. This is because of the platforms’ popularity and sometimes less-than-optimal security measures. Bad actors target social media accounts because they contain a wealth of personal information, providing an excellent return for their efforts.
In this article, I’ll share the tell-tale signs that your Facebook account may have been hacked and also tell you how to secure your account once more. Whether you’re a casual Facebook user or a social media “professional”, I’ll show you how to secure and protect your social media account.
Ways to Determine if Your Facebook Account Has Been Hacked
Check Your Recent Facebook Logins
Facebook offers an easy way to help you detect whether or not your account has been hacked.
Just follow these simple steps:
- Go to your Facebook profile. Click your Facebook profile photo. It’ll be in the upper right-hand corner on desktop, lower right-hand corner on mobile.
- Click or tap “Settings and Privacy” from the account menu.
- Click or tap “Settings” -> “Accounts Center” -> “Passwords and security.”
- Click or tap “Where you’re logged in,” under the “Security checks” section.
- There, you’ll find your recent login activity, which is a list of where you have logged in from over the last few months and which devices you logged in with.
You should be on the lookout for logins from suspicious locations and devices (for example, if you live in New Jersey and use an iPhone, you’ll definitely want to be suspicious of a login from Tucson, AZ on an Android device). A log out option can be used to terminate any connections you don’t recognize.
While the above method allows you to quickly check current and past connections, it’s not always easy to remember where you’ve logged in over the last few months and which device you used for each login. Happily, there are other ways to check for signs of a Facebook account breach.
Other Ways to Determine Whether Your Facebook Account Has Been Hacked
If you check your previous Facebook login activity and you’re still not sure that all of your logins can be traced back to you, there are other indicators that someone has hacked your account.
- You can’t log in to your account – You may attempt to log in to Facebook and are repeatedly told your password is incorrect, even though you know it’s correct. In this case, someone has hacked your account and changed your password.
- Someone has changed your personal information – If your email address or password has been changed, or if you’re unable to log in using your usual username/password combination, that’s a sign that someone has breached your Facebook account. Also, always check to make sure that none of your profile information (your name, birthday, or any other information) has changed. If it has, that’s a sign that there has been an account breach.
- Unusual friend request approvals – If you see approved friend requests for people that you know you didn’t send invites to, it’s a sign that someone has hacked your account.
- Odd messages or correspondences in your inbox – If you see messages and conversations in your Facebook inbox that you don’t recognize, that’s another clear sign that somebody has hacked your Facebook profile.
- Facebook status messages or notifications that make no sense – If your account has been hacked, you may see Facebook status messages or notifications that don’t make sense, such as a notification that your personal Facebook account information is ready for download. Or, you may receive a notification that you’ve attempted to upload something that violates Facebook guidelines.
- New posts or ads on your Facebook profile that you haven’t posted – If you see new profile posts or your account has posted new ads, it means that it’s likely that somebody else is using your profile to write their thoughts or promote products or other accounts.
If you notice any of the above indications or notice any other irregularities, there is a good chance that your Facebook account has been compromised. Immediately disconnect all devices in the recent login activity list. Also, immediately reset your Facebook and Instagram passwords.
In the following sections of this article, I’ll lay out other Facebook breach remedies and general protective measures you can take to prevent a future breach.
What Should I Do If My Facebook Account Has Been Compromised?
If you believe your Facebook account has been hacked, you should immediately take the following actions:
1. Log Out of All of Your Devices
It is vitally important to log all of your devices out of Facebook as soon as you find that your account has been breached. This will log hackers out of your account, allowing you to quickly change your Facebook password to a secure and unique password, locking the bad guys out of your account.
Just follow these simple steps:
- Go to your Facebook profile. Click your Facebook profile photo. It’ll be in the upper right-hand corner on desktop, lower right-hand corner on mobile.
- Click or tap “Settings and Privacy” from the account menu.
- Click or tap “Settings” -> “Accounts Center” -> “Passwords and security.”
- Click or tap “Where you’re logged in,” under the “Security checks” section.
- There, you’ll find your recent login activity, which is a list of where you have logged in from over the last few months and which devices you logged in with.
- Tick all the boxes, except the one showing your current connection, to ensure that all the other active sessions are terminated. The hacker is likely somewhere among those connections.
2. Change Your Passwords
After you’ve logged out of all devices, except for the device you’re using, change your Facebook password.
- Go to your Facebook profile. Click your Facebook profile photo. It’ll be in the upper right-hand corner on desktop, and lower right-hand corner on mobile.
- Click or tap “Settings and Privacy” from the account menu.
- Click or tap “Settings” -> “Accounts Center” -> “Passwords and security.”
- Click or tap “Change password”.
- Follow the prompts to create a strong, unique password. If you need to, use a password manager, like 1Password or LastPass, to create a unique and secure password for you.
3. Enable Two-Factor Authentication (2FA)
One of the best ways available to secure your Facebook account is to use two-factor authentication (2FA) in addition to changing your password. 2FA requires a second form of authentication – usually a code sent by text or email or a code generated by a secondary app.
With 2FA in place, a bad actor would need to have access to the device and account where your 2FA code will be sent or generated. This significantly reduces the chances of another security breach on Facebook (it’s a good idea to activate 2FA for any account that makes it available).
To enable 2FA, do the following:
- Go to your Facebook profile. Click your Facebook profile photo. It’ll be in the upper right-hand corner on desktop, and lower right-hand corner on mobile.
- Click or tap “Settings and Privacy” from the account menu.
- Click or tap “Settings” -> “Accounts Center” -> “Passwords and security.”
- Click or tap “Two-factor authentication.”
- Follow the prompts to enable two-factor authentication.
4. Check For Unauthorized Changes, And Reverse Them If Possible
Once you’ve taken the above-listed actions, review your other account settings. Check to make sure your email address, phone number, and other information have not been changed by an unauthorized party. Then, check your Facebook Messenger conversation list to confirm that the conversations are actually all yours. Finally, check the activity log for any unfamiliar posts or activities.
5. Report The Hack To Facebook
Now, you should report the hack to Facebook.
- Click or tap your Facebook profile photo. It’ll be in the upper right-hand corner on desktop, and lower right-hand corner on mobile.
- Click or tap on “Help & support” in the menu that appears.
- In the menu that appears, tap or click “Help center.”
- Navigate to the “Policy and Reporting” section.
- Tap or click on the “Hacked and fake accounts” option.
- Follow the instructions to report the issue to Facebook and request assistance.
It is important to report that your account has been hacked, because it helps Facebook improve its security measures to protect you and other users on the platform.
6. Scan Your Device(s) For Malware
If your Facebook account has been hacked, there is a good chance that your device(s) may have also been infected by malware. Use a reputable antivirus or anti-malware application to scan your device(s) for malicious software that may have been installed on your device when it was breached.
7. Let Friends and Family Know You Were Hacked
Notify your family and friends that your account was hacked, so they won’t fall for any potential scams or phishing attempts that might come from your account. A simple Facebook post or a chain/group message should suffice.
8. Review Connected Apps and Online Accounts
Many apps and platforms are tightly integrated with Facebook, so you’ll need to take a close look at them as well.
- Go to your Facebook profile. Click your Facebook profile photo. It’ll be in the upper right-hand corner on desktop, and lower right-hand corner on mobile.
- Click or tap “Settings and Privacy” from the account menu.
- Click or tap “Settings.”
- Click or tap “Apps and websites.”
Carefully scan the list of apps in the “Apps and websites” list and remove any suspicious or unfamiliar apps that have access to your Facebook account. Make sure to change your password on any connected app that you do keep. Also, be sure to change your Instagram and WhatsApp passwords. This significantly reduces the risk of any additional unauthorized access or damage.
How to Protect Your Facebook Account From Hackers
If you’re lucky enough to have not been the victim of a hacker attack, you should immediately take steps to secure your Facebook account to prevent anyone from accessing your account and to prevent any potential future security breaches.
Here are some effective ways to protect your Facebook account, as well as other social media accounts:
- Use unique, strong, regularly updated passwords – Your passwords should be several characters long and made up of letters, numbers, and special characters. Do not reuse passwords from other apps and sites. Never use personal information like birthdays, common words, pet names, your maiden name, or other easily guessed words. Always change your password on a regular basis.
- Enable two-factor authentication (2FA) – 2FA provides a second layer of protection, making it much more difficult for bad actors to log in to your accounts. Follow the steps listed in the section above to enable 2FA in Facebook. Check with other apps and websites to determine if 2FA is available for their platforms.
- Use trusted devices only – Do not log into your Facebook account on a public or shared computer. Protect your devices by installing and keeping updated antivirus and anti-malware software. Always perform security updates and scan your devices on a regular basis.
- Limit app and website access – You should, on a regular basis, review and remove permissions for any apps or websites you no longer use or that you no longer trust.
- Be careful about how much personal information you share – Don’t share too much personal information on Facebook. There is no reason to include your home address, home or mobile phone number, email address, or other contact information. Also, be careful about posting things like your birth date, your mother’s maiden name, your pets’ names, or other information that could be used to hack other accounts.
- Adjust your Facebook privacy settings – Go to “Settings & Privacy” -> “Settings” -> “Privacy Checkup.” Here, you can customize your privacy settings, including controlling who can see your personal info, your posts, your friend lists, and other sensitive personal content.
- Set up login alerts – Go to “Settings & Privacy” -> “Accounts center” -> “Password and security.” Under “Security checks,” enable “Login alerts” to automatically receive notifications whenever someone tries to access your account from an unfamiliar device or browser.
- Use a VPN – By using a reliable VPN to encrypt your internet connection, you make it tougher for hackers to intercept and monitor your online activities, including your Facebook activities. A VPN not only encases your internet connection in a tunnel of encryption, it also hides your true IP address. This both increases your online anonymity and protects your true location from hackers. It is also advisable to use a VPN when accessing the internet via a public WiFi hotspot, reducing the possibility that the bad actor drinking the Swiss Mocha Extra Chocolate Two Shots of Espresso drink at the next table can intercept and monitor your Facebook activity.
- Stay alert for phishing attempts – Never tap or click on suspicious links or download attachments from unknown sources. Always verify the sender before sharing any personal information. Report and delete any suspicious messages.
- Regularly review your account activity – Periodically check to make sure no unfamiliar devices are accessing your accounts or being used in unfamiliar locations.
Is Having My Facebook Account Cloned The Same As Having My Account Hacked?
No, it is not the same. Understanding the difference between getting hacked and getting cloned can help you better understand how to protect your Facebook account. This information also applies to accounts on other social platforms.
Cloned Facebook Account
If your Facebook account is cloned, that means a bad actor has taken publicly available information about your account (including personal details and other data), copied photos and other postings, and created a new profile that appears identical to your real Facebook account. This can be accomplished by almost anyone, and they don’t need your Facebook login to pull this off.
Bad actors will clone a Facebook account in an attempt to deceive your family and friends into accepting friend requests from the cloned account. Once these requests are accepted, hackers can then attempt phishing attacks, spread malware through infected links and attachments, or scam them out of money or additional personal and financial information.
If you find that your Facebook account has been cloned, immediately report the fake profile to Facebook, warn your friends and family about the cloned account, and adjust your privacy settings to limit the display of public information.
Hacked Facebook Account
If your Facebook account is actually hacked, that means hackers have gained unauthorized access to your account. Login information can be obtained via phishing attempts, malware (like keystroke loggers), or simply because you have reused a weak password.
If a bad guy has truly hacked your account, they have control. They can now post updates, send messages to your Facebook friends, access your private information, change account settings, and even gain access to other websites and services that you may have used your Facebook account to gain access to.
If your account has been hacked, immediately change your password (if you can still access your account), turn on two-factor authentication, review and lock down your account’s security settings, report the hack to Facebook, and scan your device for viruses and malware.
In Closing
As we’ve seen here, hackers love to take over or duplicate user accounts on Facebook, as doing so allows them to attack other accounts or to phish for information from other users, while also providing access to your information and other accounts.
The best way to protect your Facebook account is to use a strong and unique password, which you change on a regular basis. Be alert for phishing attempts, review your account activity on a regular basis, and scan your device with antivirus and anti-malware applications to ensure it has not been infected.
Be proactive and you’ll greatly reduce the chances of your Facebook account being hacked.
Facebook Account Hack FAQs
Can I Recover My Facebook Account If It’s Been Hacked?
Absolutely. Facebook provides ways to recover your account. For more information on recovering your hacked Facebook account, visit the Facebook Help Center.
Should I Update My Facebook Password On a Regular Basis?
Yes. You should change the passwords for all of your apps and websites on a regular basis. While I know it’s tough to remember all of your passwords, that’s no excuse to never change your passwords or to reuse passwords. There are several easy-to-use password managers available for popular device platforms. A password manager can create and store your passwords in an encrypted database that only you have access to. Many password managers will also alert you to reused passwords or insecure passwords. For more information, read my article about the best password managers.
Can I Be Hacked Just By Replying To a Facebook Message?
Just replying to a message isn’t enough to get your account hacked (well, just as long as you don’t provide enough information to the hacker to get hacked). You can get hacked by clicking on a link in the message, as that link may infect your device with malware. To play it safe, don’t reply to Facebook Messages from anyone you don’t know or that you’re unsure about. Also, keep in mind that even if the sender isn’t malicious, replying to one message may lead to lots of spam messages down the line.