5 Steps to Take When Your Facebook Has Been Hacked

  • 400
  • 59K
5 Steps to Take When Your Facebook Has Been Hacked

“Ummmm, I think you’ve been hacked.”

It’s the phrase that strikes fear into the hearts of social media managers and Facebook junkies alike. Hacking attempts are incredibly common, and as  hackers get more sophisticated, it’s much easier to fall prey to malicious attempts. Luckily, it’s easy to get back to normal with minimal disturbance. Here are some quick, easy steps to recovering your account when your Facebook is hacked.

Change Your Password

You should be in the habit of changing your password often – at least every quarter – but if you discover your Facebook page has been hacked, it’s the first thing you should do to protect yourself and your content. Change your existing password by going to the Home button, then Account Settings, then General; next, click Password and follow the prompts. Some hackers go the extra step to change your password so you are unable to log back in. If this happens to you, use the “Forgot Password” link on the main Facebook login page and follow the prompts. You’ll be asked for a secondary email address and your phone number, so make sure this information is accurate before you deal with a hacker!

Verify Your Identity

Facebook offers the Roadblock tool to help you verify your identity if you believe you’ve been hacked. The  tool will ask for your username and password, then require you to answer a series of questions to confirm you’re who you say you are.

Report Your Account

Facebook gives you many ways to report hacking attempts for your profile or page. For privacy breaches, you can email reports directly to or on the Hacked Accounts link. If you believe you’ve been a victim of a phishing attack, fill out the phishing report.

Employ the Two-Step Login Process

Facebook’s two-step login process (also called Login Approvals) creates an extra barrier of security the first time your page is accessed on an unfamiliar device, like a new phone or computer. If you’ve enabled this feature, Facebook sends a text message with a special verification code that you’ll input before you can login from the new device. You can also block unauthorized devices and immediately change your passwords if you get an unfamiliar verification code.

Check Your Sessions

A hacker can get access to your page and wait in the shadows for the right time to jump, spamming your friends and followers with inappropriate messages or link-baiting schemes. How do you stop a hacker before he starts? By checking your active sessions, a little-known tool for any Facebook user. Simply go to your security settings (make sure you are logged in first), then click on “where you’re logged in”:

how to see if someone is hacking your Facebook account

A hacker who has logged in will leave traces of his or her presence on this setting, and by logging on, you will be able to end the session and change your password. You’ll see the location, devices and the last accessed session. If it’s suspicious, click on “end all activity.” It’s good practice to occasionally on and end old sessions, especially if you’ve logged on from a different location or device.


Featured image via Deposit Photos, screenshot taken November 2016.


Subscribe to SEJ

Get our daily newsletter from SEJ's Founder Loren Baker about the latest news in the industry!


Robert Coulter

Robert Coulter reviews Authentify’s two factor authentication methods. In his free time, he works with web design and dabbles in ... [Read full bio]