Is there a way for me to see if my Facebook account has been hacked?
This question was answered on July 6, 2016. Much of the information contained herein may have changed since posting.
With over one billion active daily users, Facebook is increasingly becoming an attack vector of choice for those with malicious intent.
Target Rich Environment
Facebook is a target-rich environment not only because of the huge number of users, but also because so many of them have given the network sensitive information that helps thieves pull off ID theft.
Birth dates, mothers’ maiden names, and the ability to use a compromised profile to log in to other services are just the beginning of the identity elements that thieves find desirable.
There are a variety of common techniques that scammers use to gain access to your profile, with many of them focusing on phishing scams with malicious links or fake login requests.
Fake Duplicate Accounts
Another very common practice that gets people thinking their account has been hacked is actually just the creation of a fake duplicate of their profile.
It only takes a few minutes to download your public profile image and publicly available information to create what looks like your account to your friends.
Most of these scams will try to trick your friends into accepting a new friend request that looks like it’s from you so they can perpetrate their scam as a ‘trusted friend’.
In these cases, posting a warning to all your friends and asking them to help you report the fake duplicate will generally get the account taken down fairly quickly.
The process for reporting fake accounts is posted at: https://goo.gl/73Kddn
Has My Account Been Hacked?
Certainly there are clear indicators that someone has gained access to your account, such as posts that you had nothing to do with or private messages sent to your friends that didn’t come from you.
The first step to determining if others are actually using your account is to check the ‘Where You’re Logged In’ page in the Security portion of your Settings.
This page will list every location, device and last access time for all your active sessions, so if you see a location or device that you don’t recognize, that could be an indication of a compromise and you should immediately change your password.
If you don’t initially recognize an entry, remember that if you’ve ever borrowed a friend’s computer to use your account, that computer may still have access to your profile and many friends will take the opportunity to prank you.
You can remove any of the entries by clicking the ‘End Activity’ link next to each session, or click ‘End All Activity’ to end all sessions except your current one.
Keep in mind, with data breaches occurring almost daily, if you’re using the same username and password on most of your online accounts, it’s a walk in the park for someone to start using your Facebook account.
My advice to everyone is that you should assume that all your usernames and passwords will be compromised at some point, so activating ‘Login Approvals’ (https://goo.gl/sDqOlF) or ‘2 factor authentication’ (http://goo.gl/X65O1N) on every account is essential.
About the author
Posted by Ken Colburn of Data Doctors on July 6, 2016