What to do if your Facebook account Is hacked

“Why would someone want to hack my Facebook account?” may be the first thing that comes to mind for those who aren’t celebrities but have had their Facebook account taken over by cybercriminals.

However, having your Facebook account hacked is actually not that uncommon. There are many reasons why someone might want to gain access to your Facebook account. While stealing your personal information like your passwords and other credentials is one major motivation, forcing your Facebook account to share spam with your friends online is another.

Whatever the reason may be, hacked social media accounts have become a part of life. This is why it’s important to know the steps you can take to recover your Facebook account once you’ve discovered it’s been hacked.

This is a step-by-step guide on recovering a hacked Facebook account along with next steps you should take to ensure it doesn’t happen again with input from several cybersecurity experts. (And don't miss our guides to how to make yourself anonymous on Facebook, how to block and unfriend someone on Facebook, and how to protect your identity, personal data and property.)

1. Check to make sure your account really has been hacked

If you notice suspicious activity on your Facebook account including changes to your name, birthday, email address or password, new sent messages or friend requests to people you don’t know or posts appearing on your timeline you didn’t post – then go to the upper right-hand corner of your Facebook page and click on the arrow there which will reveal a drop-down menu.

Click Settings and Privacy > Settings and a new menu will pop up. Choose the Security and Login option and then Where You’re Logged In. If there is a login from a device or place you don’t recognize, then your account may have been hacked. 

2. End the intruder's session

Click the three vertical dots next to the device login that you don't recognize, then Not You? or Log Out. This logs the intruder out of your account, at least temporarily. This limits the damage the intruder can do and allows you to continue regaining and securing control of your account.

3. Alert your contacts

If your account has been compromised, it likely has already been used to contact people from your friends list. You'll need to tell them not to trust any links or install any apps that you had sent them — via wall postings, Facebook messages or Facebook email — while the intruder had control of your account.

4. Change your Facebook password

If the intruder has not changed your password, then changing it is easy. Click Security and Login again, then scroll down to Login and then click Change Password.

"If you use the same password for multiple sites, it is best to change your passwords there as well," said Cosette Jarrett, a web-marketing specialist based in Salt Lake City. "If your password has been compromised on one site, chances are your accounts at other sites are in danger, too." 

This is why password reuse is such a big problem. Fortunately, you can nip it in the bud for good by using one of the best password managers to generate strong, complex and unique passwords for each of your online accounts. You can also follow these tips to create a secure password.

5. Reset your password if the intruder has changed it

Often, hackers will change your password once they have gotten control of your account, so it's not as simple as just going into your account settings and changing your password.

You'll have to reset your password by clicking the Forgot Your Password link underneath the Facebook login. You will need to provide information to identify yourself, such as the email address you used to register with Facebook, the phone number associated with your account, your Facebook username, or your name and the name of one of your Facebook friends. 

The last option may be best if you believe the person who hacked your account has changed any of your profile information.

6. Report your compromised account

If ads or spam are being sent from your hacked account, you must report it as compromised, which you can do at this link. After reporting, you will receive further instructions from Facebook to resolve the issue.

7. Check for malicious apps

Once you have control of your account again, go to the same Settings menu where you checked for suspicious logins or changed your password, and click on the Apps option in the left-hand menu. Go through the list and check for any apps you did not add yourself, and click the X next to them to remove them. It's worth noting that if you don't use an app for some time, it will expire automatically.

8. Secure your Facebook account

Getting your Facebook account hijacked is not the end of the world. Having it happen to you, though, can be a good reminder to make sure your account is as secure as it can be.

Facebook itself offers a number of security tips. You should use a unique password for Facebook, one that you do not use on any other sites; you should log out of Facebook when using a computer you share with other people; you should run the best antivirus software on your computer (or the best Mac antivirus software if your using an Apple computer); and you should be careful about the links you click on and the apps and files you download. You can also run a Security Checkup while logged in to your Facebook account.

Even if you have not been hacked, shoring up your Facebook security is a good idea. Since many Facebook account compromises are caused by external apps, consider limiting the number of apps you use in general, both on your computer and your smartphone.

Do not click on suspicious links or ads shared in your news feed, even when you trust the people who are doing the sharing — it's possible they themselves have been hacked. Always make sure your desktop web browsers and mobile operating systems are up to date. And be sure to sign out when you're done using Facebook for the day.

The same goes for other social networks. Twitter, Instagram, LinkedIn and others have all had user accounts compromised in various ways. As always, remain vigilant and be smart about what you do online, and you'll be just fine.

TOPICS
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

With contributions from
Read more
How to delete TikTok
TikTok has rolled out a vital new security feature — here's how to use it
A person sat at a computer and a tablet, coding
What is social engineering and how to avoid becoming a victim
Facebook, Instagram, YouTube, Pinterest, X, LinkedIn, Reddit, TikTok, Threads apps on an iPhone
Why you need to review your app permissions now
Black and white photo of a woman, with her eyes obscured by pixels
It's Data Privacy Day – 4 ways to protect your info online
Graphic of smartphone with cybersecurity shield
"Blatantly unlawful and horrifically intrusive" data collection is everywhere – how to fight back
A person typing on a computer while hackers use phishing to steal a file from their computer
It's Safer Internet Day – here are 5 tips to help you be safer online
Latest in Social Media
Elon Musk next to the X logo for the social media network that used to be called Twitter
X was down — live updates on outage Musk blames on ‘massive cyberattack’
Bluesky logo with X logo in the background
Flashes is a brand new Instagram alternative — and it’s basically Bluesky for images
Instagram app on iPhone
Instagram was down — live updates on the quick outage
elon musk in front of image of earth from space
Elon Musk reportedly exploring buying TikTok — Bytedance says 'pure fiction'
Instagram logo on iPhone with Instagram website in background.
Instagram now lets you schedule DMs — here's how to do it
TikTok displayed on a smart phone with a USA flag in the background
Google and Apple warned by Congress to be ready to remove TikTok from app stores — here's the date
Latest in References
A woman stays awake in the night because she needs to fix her sleep schedule
"Your body and mind are pushed to their absolute limits" — expert reveals how long you can go without sleep
Attractive heavy woman sitting on a bed smiling at the camera
Your mattress' weight limit might be the reason you can't sleep — here's why
Zoma Boost mattress
What is graphite in a mattress and does your cooling mattress need it?
The Saatva Classic mattress photographed in a stylish white pool room with an indoor river
Do you need a discount code to get the cheapest prices on Saatva mattresses? No and here's why
A mattress placed on a wooden floor with a Tom's Guide Sleep Week 2025 logo in the top left corner
Ditching the bed this World Sleep Day? 3 things you need before putting your mattress on the floor
A woman lies in bed with her hands covering her face, looking upset due to sleep deprivation. A Tom's Guide Sleep Week 2025 graphic, bottom left
Long-term sleep deprivation has serious health risks — but they can be reversed, says expert