Facebook Hacking & Strategies to Keep Your Account Safe

Facebook Hacking Alert

Do you think twice before clicking a link on Facebook that a trusted friend posted?

Have you ever seen a message with a link that a friend posted on Facebook that looked suspicious? It may have been a post or email about a great offer for a deal that your friend took advantage of. It may have looked like a legitimate message, but something wasn’t quite right. Unfortunately, many unsuspecting Facebook user’s fall to this type of scam, click the link and open the door to hackers.

Recently, I spent the afternoon helping a victim of a hacked Facebook account. Unfortunately, she – we’ll call her “Mary” – clicked a link that one of her “trusted friends” had posted. That friend was a victim of a Facebook hijacked account. The damage for “Mary”:

  • The hijacker posted a status update on Mary’s Facebook wall in first person stating that she allegedly took advantage of that included a malicious link.
  • Next, the hacker set up 13 “BestFriends” groups with a series of numbers following “BestFriends” and added all of Mary’s friends to one of the groups.
  • The hacker then posted a message in Mary’s name on each of the Facebook groups telling the friends about the unbelievable offer she “allegedly” took advantage of with the malicious link.
  • Next, the hacker removed Mary’s administrative access to all the groups and made himself/herself the admin of the group. Facebook states that “the first admin and creator of this group” can delete the group. Unfortunately, Mary cannot delete the groups and all of her friends will see the rouge message.

The following is an image of the malicious message with obscured link that was posted on Mary’s wall and on all of the Facebook group pages:

Facebook Scam Message

Steps to Secure a Hacked Facebook Account

  1. Change your Facebook Password
    “Mary” was unable to change her Facebook password at first. She actually had to log out of her Facebook account and request a new one. Luckily, the hacker had not changed her password and she was able to regain access to her account. Her new password is over 8 characters and includes upper case and lower case letters, numbers and symbols.
  2. Run a virus scan on your computer
    Mary then ran a virus scan on her computer to make sure that her machine was not infected with a virus or malware.
Facebook security settings

Facebook account settings to help secure your account

Log into your account and go to “Account Settings” then to “Security and Login”:

Enable “Get alerts about unrecognized logins”

Be sure to enable login alerts to send you alerts when someone logs into your Facebook account from a computer or mobile device that you haven’t used before. You may select to be notified by text, messenger or email.

This second layer of security will alert you when someone tries to access your account from an unknown browser. If you attempt to login from an unknown/new browser, you will need to enter a security code.

Get alerts about unrecognized logins

Enable “two-factor authentication”

Add an extra layer of security to prevent other people from logging into your Facebook account. You will need to log in with a code from your mobile phone as well as a password from a new device.

Facebook two factor authentication

Review “Where You’re Logged In”

Review your active sessions and end the activity of any session from a location you do not recognize. In Mary’s case, there was an active session to a location she had never been and she immediately closed that connection.

Facebook Security seciton: Where You're Logged In

5 Tips to help keep your Facebook from being hacked

How do you keep your Facebook account from being hacked? In review of what happened to “Mary”, here are 5 tips to keep your Facebook account secure:

  1. Choose strong passwords. – Create passwords of at least 8 characters that include upper case and lower case letters, numbers and symbols.
  2. Enable “Get alerts about unrecognized logins” in your Facebook security settings
  3. Enable “two-factor authentication” in your Facebook security settings.
  4. Check where you are logged in by checking your Facebook account’s security section on a regular basis. Close activity from locations you do not recognize.
  5. Think twice before you click. If a link looks suspicious or a trusted friend sends you a message that doesn’t quite sound like something they would write that includes a link, think twice before your click. Never click a link in a suspicious message.

Has your Facebook account ever been hacked? If it has, how did the hacker gain access to your account? What steps did you take to prevent it from happening again? Please share your story in the comments below.

You might also like to read:

How to remove your home address and cell phone number from Facebook How to remove your home address and cell phone number from Facebook
Would you like to keep your home address and phone numbers from prying eyes on Facebook personal profile? This tutorial will show you how to remove both.


How to Remove a Like from a Link on Facebook How to Remove a Like from a Link on Facebook
Have you clicked “like” on a link under a Facebook post and then decided that you actually do not want to like it? This tutorial will show you how to remove that like.

Fascinated with the growing potential and power of the Internet, Robin founded R & R Web Design LLC in the Chicago area in 2000. As creative director, she is passionate about helping others reach their Internet objectives through a strategic online presence with results driven custom web design, ethical SEO, and social media marketing.

14 comments on “Facebook Hacking & Strategies to Keep Your Account Safe
  1. Yikes! Thanks for the heads up – will be sharing!

  2. Heather Myklegard says:

    This is a very informative and relevant post Robin. Thank you so much for sharing. The internet scares me sometimes and this is a good reminder of steps to take to make sure we stay secure.

  3. Sumit says:

    It is very useful and important blog you added. The internet is really scary for sometime but the security is important for it. thank you for sharing.

  4. Imee says:

    Thanks alot for adding this! I was being added By group that started with “BestFriends” and some numbers after it. It seemed suspicious because i was being added on more than 1 group. So i searched up to see this suspicious case. I couldnt find anything help but this!! great great, thanks alot~

  5. Sara says:

    Fortunately, I’ve never had this happen but this morning upon signing into Facebook my mom got the “malicious” message which wants you to let it clean your computer. I cleared her browser, did a malware check and Avast check. I opened her account from a different browser and it seems that that “malicious” message disappeared.

    Finally, FB had her review old messages (1 – 2 years old) to confirm that she posted them. I then went into her security sections. She had logins going back to 2013. I cleared these up and added some email alerts and had her change her password.

    She says she clicks on links for games (collect this or whatever) and that is when FB gave her the message about a malicious link.

    It’s so important that people know that just because your friend posted something doesn’t mean the link is legit.

    • Hi Sara,
      Thank you for sharing the story of about your mother’s Facebook “malicious” message. Yes, I agree. It is critical that people know that simply because a friend posts something the the link is legitimate. I’m so glad to hear that you were able to help your mother.
      ~ Robin

  6. ikechi says:

    Hi Robin

    Thanks a lot for this info. I know so many of my friends who would have wished they had read this information. Last year, there was so much malicious activity happening around the profiles of my buddies that it was hard to recognize who was real and fake.

    Love the tips to beef up security. Thanks for sharing. Take Care

    • Hi Ikechi,
      Your are very welcome! It can be hard to recognize who is real and who is real and who is not. I’m glad to hear that you like the security tips. Have a great day, my friend!
      ~ Robin

  7. ikechi says:

    Hi Robin

    I wish my friends had seen this post then, they will not have fallen into the hands of scammers/hackers.

    Thanks for sharing this awesome tip. Some awesome security tips you have shared. Take Care and have a wonderful week.