How Do Facebook Accounts Get Hacked?

By Sophia Taylor


Facebook is the most popular social networking platform in the world, with an incredible 2.9 billion active monthly users. That’s about 36% of the global population!

Unfortunately, Facebook also attracts hackers who try to steal users’ personal information and financial details in order to exploit them. A study from the Identity Theft Resource Center found that, among people who had experienced social media hacking, 25% of the attacks occurred on Facebook.

Attacks like these are a serious threat. Hackers might gain access to your account and pretend to be you, sending messages to your friends and followers asking for money. They could also blackmail you by threatening to share your private messages, photos, and information, or use your account to spread malware online.

In this article, we’ll explain how hackers might access your Facebook account, what to do if it happens to you, and how to protect your phone and your account from future attacks.

How Do Hackers Gain Access to Your Facebook Account?

There are many different ways for hackers to access your Facebook account. Keep reading to learn more about the most common techniques.


Phishing

Phishing is a type of scam where hackers ‘fish’ for your personal information by posing as a trusted website like Facebook, or even as one of your friends. With an estimated 3.4 billion phishing emails sent every single day, it’s important to be aware of the warning signs.

If you suddenly receive a message that looks like it’s from Facebook and is asking you to take urgent action to secure your account, be very wary. Hackers are able to create messages that look almost identical to real communication from Facebook.

These messages will usually ask you to click a link and fill in your personal information. It could be your username and password, your email account details, your financial data, or other sensitive information. Once you fill in your details, the hacker will have access to them and can log in to your account.

You should also be suspicious of any strange messages you receive from your Facebook friends. Anything that asks you to click a link or seems out of character is a red flag. It might be something like “Check out these photos of us from last weekend!”, or a message asking you to send them money for an emergency. If you click the link or send any money, you’re likely to be the hacker’s next victim.
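To show what checking a link before you click can look like in practice, here is an added example (it is not part of the original article and is not a Facebook or Certo tool) that decides whether a link really leads to a Facebook-owned site. The list of trusted domains and the sample links are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains treated as genuinely Facebook-owned for this illustration.
TRUSTED_DOMAINS = ("facebook.com", "fb.com", "messenger.com")

def classify_link(url):
    """Return (verdict, reason) for a link in a message claiming to be from Facebook."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return ("suspicious", "malformed URL")
    if parts.scheme != "https":
        return ("suspicious", "not an https link")
    # "https://facebook.com@other.example/" really goes to other.example.
    if "@" in parts.netloc:
        return ("suspicious", "text before '@' hides the real host")
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return ("suspicious", "no host name")
    try:
        ascii_host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return ("suspicious", "host is not a valid domain name")
    # Non-ASCII or punycode labels can imitate Latin letters.
    if ascii_host != host or "xn--" in ascii_host:
        return ("suspicious", "internationalised look-alike host")
    # The trusted name must be the END of the host, on a label boundary.
    for domain in TRUSTED_DOMAINS:
        if ascii_host == domain or ascii_host.endswith("." + domain):
            return ("trusted", domain)
    return ("suspicious", "host is not a Facebook domain")

# Constructed sample links (not taken from any real message).
SAMPLES = [
    "https://www.facebook.com/login",
    "https://facebook.com.account-check.example/login",
    "https://facebook.com@login.example/reset",
    "https://f\u0430cebook.com/",  # Cyrillic "a" in place of Latin "a"
    "http://www.facebook.com/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(classify_link(link), link)
```

A "trusted" result only means the link points at a Facebook domain; it says nothing about whether the message itself is genuine.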

Malware or suspicious apps

Hackers can also access your Facebook account via fake apps you have unknowingly installed on your phone. In 2022, Meta reported that an estimated one million users may have had their accounts compromised by hackers using malicious apps that were available on the App Store and the Google Play Store.

These apps often pose as photo editors, mobile games, or fitness monitors, and after downloading the app, users are required to enter their Facebook credentials to log in. Once they have submitted this information, the hacker can use it to access their Facebook account.

Although Google and Apple say that they have since removed the offending apps, it’s important to remain vigilant. Be wary of apps that ask you to use your Facebook username and password to log in, particularly if the quality of the app looks poor or unprofessional.


Keylogging

It’s possible for hackers to install keylogging software on your phone without your knowledge. Once installed, it will record everything you type and send this information to the hacker. The hacker can then easily find out your Facebook password and gain access to your account.

Hackers can also use keyloggers to access your financial information, your messages, and other confidential data, leaving you vulnerable to identity theft.

If you think your phone has been hacked, look out for any suspicious apps or files in your Downloads folder, since this is where keylogging software may be hiding.

Knowing (or guessing) your password

Although it may seem obvious, it’s important to keep your Facebook password confidential. Many phone hacking incidents are carried out by those close to you (one survey found that 50% of Americans had accessed their partner’s phone without their permission!), so it’s important not to give your login details to friends, family, or partners.

In some cases hackers may be able to access your password after a data breach — often once someone has hacked into a company’s network to access their customers’ details — so changing your password regularly is important.

Don’t use the same password for multiple accounts, and create strong passwords that include a combination of lowercase and uppercase letters, numbers, and special symbols. Never use passwords that are generic or easy to guess, such as those that incorporate your birthday or your name.

Signs That Your Facebook Account Has Been Hacked

There are a few warning signs that indicate your Facebook account may have been compromised. Here are some things to look out for:

Unrecognized logins

If you receive an email from Facebook saying that someone has logged into your account from a suspicious location or device, it’s likely that you’ve been hacked (unless, of course, you’re the one in a new location or using a different device).

After receiving a message like this from Facebook, you’ll be asked to confirm if it was you who tried to log in, and if not, you’ll be taken through some steps to change your password.

Strange messages sent on your behalf

If you’re suspicious that your Facebook account has been hacked, check your sent messages. Hackers will often send messages to your contacts asking them to visit a link or send them money.

If you notice any messages like this, you should let your friends know that your account has been hacked.

Unusual activity on other apps

Since Facebook login credentials are often used to access other apps, unusual activity elsewhere on your phone could indicate that your Facebook account has been hacked. For example, if people have been receiving strange messages from you on Instagram, it could mean that someone has hacked into your Facebook account.

Look out for any low-quality apps that ask you to use your Facebook credentials to log in, and if you’re worried your account has been hacked, change your password immediately.

What Should I Do If My Facebook Account Has Been Hacked?

If your Facebook account has been hacked, there are some simple actions you can take to secure it again. The steps you take will depend on whether you can still log in to your account or not.

If you can still log in: Change your password

If you’re still able to access your account, change your password straight away. Make sure you choose a strong password that is completely different from your previous one (or any others that you have), and one that is hard to guess.

If you can’t log in: Request a password reset

If you’ve lost access to your Facebook account, you’ll need to request a password reset. You can do this via the Find Your Account page, where you’ll be asked to enter your email address or mobile number to search for your account. Follow the instructions to reset your password and regain access.

Contact Facebook

If your account has been hacked, you should also contact Facebook to report the incident. They will help you log back into your account, but you may be asked to verify your identity first—this may include confirming your date of birth or identifying friends in tagged photos.

How Can I Secure My Facebook Account Against Future Attacks?

Facebook hacking represents a serious threat to the security of your personal data, financial information, and more. Luckily, there are a few things you can do to minimize the risk and stay in control of your Facebook account.

Use Certo Mobile Security

Certo’s free app for Android and iOS can help you to protect your device from hackers. Check for signs of tampering and identify and remove suspicious apps that hackers can use to monitor your activity and access your accounts.

Always log out of Facebook on public or shared devices

This one may seem obvious, but it’s easy to forget. If you’re not using your own device, make sure you log out when you’ve finished using Facebook (or any other app or website, for that matter).

Check that the device isn’t set to remember your login details, since this is another easy way for hackers to gain access.

Change your privacy settings

Restricting who can see your posts or add you as a friend on Facebook will make it more difficult for hackers to find your profile.

One way to do this is by using the audience selector when you post on Facebook. Click ‘What’s on your mind?’ to create a post. Underneath your name, you’ll see a box that says ‘Friends,’ ‘Public,’ or something similar. Clicking on this audience selector box will allow you to choose who sees the post.

You can also limit who sees all of your past posts, and change who you can receive friend requests from to ‘Friends of friends’ only. Only add people that you know in real life, and delete any new friends that send you suspicious messages.

Only use secure Wi-Fi connections

Never use public Wi-Fi connections that don’t require passwords, since they make it easier for hackers to gain access to your device. If you can’t avoid using public Wi-Fi, it’s a good idea to use a VPN (virtual private network) to protect your device from hackers. We would highly recommend NordVPN.

Enable two-factor authentication

Two-factor authentication is one of the most effective ways to stop hackers from accessing your phone or online accounts. It requires you to use two different methods of authentication to verify yourself – for example, you might need to enter your password as well as a code sent to you by SMS.

This makes it much harder for hackers to gain access, since they need an additional piece of information along with your password.

Change your passwords regularly

Don’t make it easy for hackers by using the same password for all of your accounts. Choose strong passwords that combine uppercase and lowercase letters, numbers, and symbols, and change all your passwords regularly (about once every three months) to improve your online security.

Never share your passwords with others, and consider using a password manager tool that will remember them all for you.

Key Takeaways

Facebook hacking is a real threat that can expose your personal and financial information to criminals. Luckily, there are steps you can take to protect your Facebook account and your sensitive data.

  • Install Certo Mobile Security for iPhone or Android for free to help you protect your phone from hackers and easily identify threats.
  • Always log out of Facebook on public or shared devices, change your password regularly, and don’t share it with anyone.
  • Use two-factor authentication to make your phone and your online accounts less vulnerable to attack.

Frequently Asked Questions (FAQs)

Can I recover my Facebook account if it gets hacked?

Yes, it is possible to recover a hacked Facebook account. You’ll need to visit this Facebook page and follow the steps to reset your password.

How do you know if your Facebook account has been hacked?

Hackers will usually change your password, so if you suddenly can’t log in to your account, it has probably been hacked. You might also receive a notification saying someone has tried to log in from an unfamiliar location or device, or you could hear about strange messages being sent on your behalf.

Can you get hacked by clicking a link on Facebook?

Yes. Many hackers will send direct messages to the contacts of the person whose account they hacked, asking them to click a link. They might say it is a link to view photos or to send them money, but in reality, it’s another hacking method.