U.S. markets closed

  • S&P Futures

    4,268.00
    -16.00 (-0.37%)
     

  • Dow Futures

    33,051.00
    -105.00 (-0.32%)
     

  • Nasdaq Futures

    13,895.25
    -71.25 (-0.51%)
     

  • Russell 2000 Futures

    1,985.50
    -8.00 (-0.40%)
     

  • Crude Oil

    94.99
    +2.18 (+2.35%)
     

  • Gold

    1,916.10
    -10.20 (-0.53%)
     

  • Silver

    24.42
    -0.27 (-1.10%)
     

  • EUR/USD

    1.1198
    -0.0006 (-0.06%)
     

  • 10-Yr Bond

    1.9690
    -0.0080 (-0.40%)
     

  • Vix

    30.32
    -0.70 (-2.26%)
     

  • GBP/USD

    1.3383
    +0.0005 (+0.04%)
     

  • USD/JPY

    115.5420
    +0.0650 (+0.06%)
     

  • BTC-USD

    38,781.53
    +1,936.47 (+5.26%)
     

  • CMC Crypto 200

    878.24
    +85.11 (+10.73%)
     

  • FTSE 100

    7,207.38
    -290.80 (-3.88%)
     

  • Nikkei 225

    26,318.32
    +347.50 (+1.34%)
     

OMG, my Facebook was hacked! Here's what to do

Haje Jan Kamps
·4 min read

Even technically sophisticated friends are currently getting "hacked" on Facebook -- here's how to avoid it, and how to make sure your hacked account is fully recovered.

Usually, accounts are "hacked" because someone somehow gets a hold of your password. That's bad for Facebook in particular, because people often use Facebook to log into other things -- so if someone gets into your Facebook account, they have access to a bunch of other things too.

If your account has been hacked

Your account being "hacked" can take many shapes. Perhaps someone is sending messages on your behalf, posting as you or doing something else weird.

If you can still log in, you're in luck; here's what to do:

Change your password right away -- that's your first step, if you still have the power to do so. If you can't log in, request a password reset. If that doesn't work, it's possible that someone has changed the email address on the account. There's a way of dealing with that, too.

Report the weird behavior to Facebook, so they can help stop it happening to others.

Go to your security settings, and see if you recognize everywhere you are logged in. If you don't recognize a location or a device, press the three-dot menu, and select "not you?". This will log you out and will help you further secure your account.

Check that you recognize all apps and websites that have access to your Facebook account. Same as above; if there's something you don't recognize, hit "remove".

In your general settings, check the e-mail addresses Facebook has listed for you. If there's anything there that isn't yours, remove it.

Change your password one more time, now that you know hackers (in theory) don't have access to your account anymore. It should be a secure password (with letters, numbers and special characters). Don't re-use your password from somewhere else. Ideally, use a password manager to ensure that you can keep track of all your different passwords, and use higher-quality passwords in general.

Turn on two-factor authentication. That means that even if your password was somehow stolen, they can't log in without also having access to your phone or your authenticator app.

And finally, whenever something weird happens to your security and/or social media, change your email password. It's bad enough to lose access to your social accounts, but your email is the holy grail for hackers, so rotating that password regularly (every 1-3 months) and changing it whenever something strange happens is a very good idea.

How to prevent getting hacked

The most common way that a Facebook account is compromised is by tricking you into giving the hackers your password. You may get a Messenger message from a friend on Facebook, saying something like "OMG did you see who died?" with a link. You click on the link, it looks like Facebook, but suddenly you're being asked to log in again. You think nothing of it, and you type in your email and password... Uh-oh. Problem: The site that you just gave your password to isn't actually Facebook, and now they have your password.

The best way to avoid this is to follow the steps above and turn on two-factor authentication. Then be vigilant: Whenever you log in, are you logging into a site that starts with https://www.facebook.com? If not -- if it looks like something like ffacebook.com or facebook.this-is-a-security-notification.com -- don't type in your password. The safest thing, typically, is to manually type in Facebook.com into your URL bar if you're using a web browser.

Remember that the Facebook app has a browser built in. So it's possible that you are 'in' the Facebook app, but it could ask you for a password. It looks legitimate -- how could it not be, this is the Facebook app -- but use your head; if you're already in the app, why would it ask you to log in? In short: If it seems weird, it is weird -- don't type in your password!

Check the apps that have access to your Facebook account (see above) semi-regularly. If you recognize an app but you haven't used it in a while and you don't think you'll need it -- delete it. You can always add it again later.

Recommended Stories

  • Google relaxes COVID-19 rules for its US employees

    Google is also reportedly reopening amenities for employees.

  • 1 Big Reason You Shouldn't Bet Against Meta

    A lot has been said about Meta Platforms (NASDAQ: FB) since its fateful fourth-quarter 2021 earnings update: Its digital advertising dominance is "over," ended by Apple's (NASDAQ: AAPL) user privacy changes; its bet on the "metaverse" will be an ill-fated dystopian tech experiment; and it lost $400 billion in a matter of weeks (not in actual cash but merely in market cap, which means shareholders have lost $400 billion, not Meta itself). After it's endured years of political and regulatory criticism and acting as the punching bag for consumer privacy concerns, the sharks appear to be circling Meta. The company's focus on building new use cases for computing and internet-based services will no doubt be an uphill battle, but I think it would be poorly advised to bet against the social media giant over the long term.

  • Posts share false 'tip' for verifying Facebook account security

    Social media posts shared hundreds of times in Myanmar claim that commenting with the letters "Gg" on a Facebook post can verify whether the commenter's account is secure. Since the 2021 military coup, the platform has been banned in Myanmar, but some internet-savvy users have managed to circumvent the social media block with VPN services. However, a representative for Facebook's parent company Meta told AFP that the posts shared a false claim. A professor of cyber security also told AFP that th

  • Watch the Road Zipper move concrete barriers like they're weightless

    See the Road Zipper in action as it moves concrete barriers easily and efficiently.

  • Opinion: There is no hope of saving the Republican Party

    The Republican Party became the Big Lies Sedition Party, mandating that its members believe obvious lies.

  • Facebook turns on ‘lock profile’ tool for people in Ukraine

    Facebook’s security team is taking new steps to protect the accounts of users in Ukraine with a new "lock profile" feature for people in the country.

  • Twitter removes accounts tracking Russian troops as Putin launches Ukraine war

    Twitter suspended accounts that were tracking Russian military movements – saying the action was taken in error. About a dozen accounts, which had been sharing footage of Russian troops approaching Ukraine and other important information about the coming war, were taken down by Twitter. The account largely belonged to researchers, who were using them to share material taken from social media in an attempt to track the crisis in Ukraine.

  • Facebook Tries to Take Down TikTok

    Facebook is readying its war chest to go head to head against Chinese rival TikTok in the latest version of Reels wars across the world.

  • INDIVA LAUNCHES NEW CANNABIS EDIBLE DESIGNED FOR MICRODOSING

    Indiva Limited (the "Company" or "Indiva") (TSXV: NDVA) (OTCQX: NDVAF), Canada's number one producer of cannabis edibles and other cannabis products, is chewing further into the edible market with the launch of its newest product, Jewels Cannabis Tarts ("Jewels").

  • Woman loses $300,000 worth of bitcoin to person who posed as a Chinese architect on dating app Hinge

    A woman lost almost her entire savings after getting scammed by a man she met on dating platform Hinge. For months, Vu regularly communicated with the man who went by Ze Zhao, a name that has not been verified. In a few weeks, she sent bitcoin worth $300,000 to a wallet address that the man told her was connected to the Hong Kong crypto exchange (OSL).

  • Twitter Accidentally Removes Ukrainian Accounts Sharing Conflict Updates

    As Russia mounts an invasion into Ukrainian territory, Twitter says that it accidentally suspended nearly a dozen accounts that were updating about the military's movements. A spokesperson for Twitter clarified that the outages were not due to a bot campaign or a coordinated attack on the accounts, as was widely speculated online. "We've been proactively monitoring for emerging narratives that are violative of our policies, and, in this instance, we took enforcement action on a number of accounts in error," a Twitter spokesperson said in a statement.

  • Hollywood Unlocked Blog Appears to Apologize for False Reporting on Queen’s Death, Then Retracts Apology

    UPDATE: U.S. blog Hollywood Unlocked appeared to apologize for falsely reporting the death of Queen Elizabeth II, who has been battling a mild case of COVID-19. However, the outlet’s founder Jason Lee now claims the Twitter account that tweeted the apology was fake, and that he stands by the story. In the now-deleted tweet, the […]

  • Twitter restores suspended accounts that tracked Russian military activity

    Twitter Safety has also posted tips in Ukrainian on how to keep accounts secure.

  • Facebook 'Reels' go global

    Facebook added a handy video-clipping tool for creators who publish live or long-form content.

  • I tried the new Hard Mountain Dew and it was bad

    In celebration of 2/22/22, Mountain Dew released their highly-anticipated alcoholic Dew in three states: Florida, Tennessee and good ol' Iowa.After calling a bunch of Hy-Vee stores, I lucked out at the Ankeny Prairie Trail location. Stay on top of the latest market trends and economic insights with Axios Markets. Subscribe for freeI picked out a Black Cherry tall boy for $4 — a nod to my favorite Dew flavor, Code Red.At first pour, it fizzled and foamed just like pop.But in my mouth it was just

  • Publishers Move to Abandon Google-Supported Mobile Web Initiative

    Owners of the Verge and Bustle test alternatives to the AMP framework, an effort they expect will generate more ad revenue.

  • Twitch says its new ad revenue program will make payouts more reliable

    Streamers will earn a guaranteed amount of ad revenue per month.

  • Target Wants to Deliver Your Starbucks Order Curbside, Too

    Target says the option to order Starbucks as part of curbside pickup was a top customer request.

  • Founders: Connect with influential movers and shippers at TC Sessions: Mobility 2022

    If you’re itching to get your game-changing product out of the garage, onto the streets or into customers’ driveways, we not-so-humbly suggest that you do whatever it takes to attend TC Sessions: Mobility 2022 in San Mateo, California on May 18-19. It’s your chance to meet, mingle and network with mobility’s movers, shakers, shippers and unicorn makers under one roof at the spacious San Mateo County Event Center. Whether it’s top VCs, cutting-edge mobility companies, government policy makers, visionary engineers or tech journalists — to score coveted media exposure — you’ll find that and more waiting for you in two action-packed days at TC Mobility.

  • Facebook labeled half of climate denial posts from 'Toxic Ten': report

    Facebook labeled half of the climate change denial posts linked to content by the leading publishers of such disinformation, according to a Center for Countering Digital Hate (CCDH) report published Wednesday. The CCDH is among advocacy groups pushing Facebook, now under the parent company name Meta, to do more to combat misinformation than applying the labels, which advocates say have not been proven to be an effective tool for mitigation. But...