Updated on 6/29/2023 with current instructions
If you've seen unusual activity on your Facebook account, your account may have been compromised. Either hackers have gotten into your account to access your personal information, or scammers have cloned your account, using your profile photo and other public information, to prey on your friends and family.
With hacking, someone has gotten into your account, often by stealing your Facebook password or your email password. For instance, the "IS THIS YOU?" video scam tricks Facebook users into clicking a link to view a video, but then takes them to a fake Facebook login page to steal their account credentials. Once hackers have access to your account, they can view all of your information and even lock you out of your own account.
Find out if your Facebook account has been hacked
There are lots of signs that your account may be compromised. Here are red flags to watch for:
- You can't log into your account.
- You get an email with instructions on how to reset your Facebook password when you didn't try to reset your password.
- You get an email saying someone logged into your account when you haven't logged into your account.
- You see posts you didn't make, messages you didn't write, friend requests you didn't send, or profile changes you didn't make.
If you don't these warning signs, your account have likely been cloned. Read our story on What is Facebook Account Cloning & What Can You do about It.
How to revoke access to your Facebook account
On your computer:
- Go directly to your Meta Accounts Center Password and security page.
- Select "Where you're logged in."
On your phone:
- Open the Facebook app.
- Select "Menu" (your profile photo in the lower right).
- Select the cog icon in the upper right.
- Select "Password and security" in the Meta Accounts Center box at the top.
- Select "Password and security."
- Select "Where you're logged in."
The "Where You're Logged In" section of the page will list every device you've logged on to Facebook with, as well as their locations. If you see a device or location you don't recognize, it's a good sign someone else has access to your account. You can kick them out immediately by clicking on "Select devices to log out." Click on the circle next to any logins you don't recognize and then click the "Log out" button.
Secure your Facebook account from hackers
While locking a potential hacker out of your account throws them offline immediately, they may be able to log right back in. To keep them out, you need to take a few more steps to secure your account.
If you aren't already there, start by going to your Meta Accounts Center Password and security page as outlined above.
1. Change your password
Select "Change password," then enter your current password and a new, unique password. Having a password you don't use on any other site will ensure that no one can get into your Facebook account if your password was stolen from another site.
2. Turn on two-factor authentication
Select "Two-factor authentication" and then click on your account. Select the type of two-factor authentication you'd like to use – an authentication app, a text message, or a security key. You'll have to enter a code (or use your key) as well as your password to log on when you use a new device or browser. This means even if a hacker gets your password, they can't get into your account. After you enable two-factor authentication, make note of your Recovery codes, which will let you into your account if you lose access to your authentication app, phone or security key. You can find them by selecting "Additional methods" and then "Recovery codes" from the two-factor authentication page.
3. Set up alerts for unrecognized logins
In the "Security check section, select "Login alerts," then select whether you'd like to be notified by email or in-app notification. This way you'll get an email if anyone logs into your account other than you.
Once you've done that, it's a good time to review the security on your email account – because if a hacker has access to email associated with your Facebook account, they may be able to get back in. We recommend changing your email password and setting up two-factor authentication.
With these changes, any hackers should be locked out of your Facebook account – and you've made it harder for them to get back in. And while you're at it, take the time to review our suggestions on how to manage your Facebook Privacy settings.
Recover your Facebook account from hackers
If a hacker has access to your Facebook account, you can run into a snag: they may have changed the password so you can't access it. If you're trying to log on to Facebook and find your password doesn't work, you should see a "Forgot Password?" option. Facebook will be able to send an email to any of the email addresses associated with your Facebook account or a text to your phone. From there, follow Facebook's instructions.
Once you have your account back, you should follow the instructions above to add extra security to protect yourself from hackers in the future. Or if you're fed up, here's how to delete your Facebook account permanently.
[Image credit: Screenshots via Techlicious, image of laptop on wooden table via Smartmockups]
For the past 20+ years, Techlicious founder Suzanne Kantra has been exploring and writing about the world’s most exciting and important science and technology issues. Prior to Techlicious, Suzanne was the Technology Editor for Martha Stewart Living Omnimedia and the Senior Technology Editor for Popular Science. Suzanne has been featured on CNN, CBS, and NBC.
From Peggy S. Hunt on January 31, 2019 :: 12:44 pm
My friends are receiving message requests from me that are coming out of Nigeria. I have changed my Facebook password but obviously that has not stopped these hackers, what do I do now?
Reply
From Josh Kirschner on January 31, 2019 :: 1:44 pm
Most of the time, these issues are a result of someone cloning your Facebook account, not hacking it. With cloning, they take all of your information, including profile picture, and create a new account under your name. They then invite your existing friends to your new cloned account, eventually to send them spam or scams.
Want to know if your account has been cloned? Search for your name in Facebook and see what comes up. If you see a fake account, report it.
The best way to prevent account cloning is to hide your friend list in your Facebook privacy settings. Set “Who can see your friends list?” to “Friends”. If they don’t know who your friends are, they can’t do anything with a cloned account.
Reply
From James creech on February 04, 2021 :: 12:13 am
What should i do nothing is working i was on Facebook then all os a sudden about 50 friends request started poping up all at once then i was logged out and it said session exspired and logged me out and when you pull messenger up sone body else profile it want let you click on it its there with my picture on it but my profile picture has changed and they are using my name and still have my friends on there i reported the picture but Facebook want to nothing and i told them through email i was hacked and thats not my picture but its my page
Reply
From Ste on June 30, 2023 :: 11:59 am
Hi I need help on Facebook I’ve got 2 accounts pop back up the accounts are old accounts are from 2010 wot can I do don’t know the details for the accounts please can you help me
Reply