In the unfortunate event that your account is compromised, here is a list of steps that can be taken to assist you in resecuring your account:
The first thing to do is to take a deep breath and verify that your account has, in fact, been hacked. Try logging into your account with your username and password, making sure you enter the information correctly and that Caps Lock is off.
If you can log in, this does not necessarily mean you haven’t been hacked, just that the situation isn’t nearly as bad as you thought it was. The next step is to change your password using the reset password function. See “Passwords. Storing them, creating them, and using many of them” on this blog to learn how to create a good password. Once you have reset your password, log out of all sessions to revoke any access others have to your account without your permission. This forces them to attempt to log back into your account using your new password which, in theory, they should be unable to do.
At this point, if not already in place, set up 2-Factor Authentication on your account to drastically reduce the odds of something like this happening again!
Note: This will not work if your email has been compromised. However, the same methodology can be applied to reset your email password and log all users out of your email account (for example Gmail, Outlook, Hotmail, etc.). Remember to also enable 2-Factor Authentication for your email account to ensure that it is secure.
If step one did not work then your situation is quite severe. Keep calm and read on.
At this point, immediately change the passwords for any other accounts you might have, especially if they share a password with your Facebook account, as the attacker may target these next.
Unlink your Facebook account from any services you have used it to sign into and from any other links you may have created. If you used it to sign into, for example, a shopping website, or you connected any of your bank cards, you need to contact these institutions immediately and disconnect them to prevent the attacker from abusing these links.
After changing your other passwords, you can notify Facebook that you believe your account has been hacked. This step, however, requires a lot of patience. In the meantime, adhere to the following steps.
Let your friends and family know that you have been hacked. A common occurrence, once an account has been hacked, is for the attacker to use your account to phish (through infected messages and links) your Facebook friends. Attackers may also impersonate you, for example by messaging your family and asking for sensitive information or money. By warning your friends as soon as possible, you minimize the chances of them falling victim to an attack using your account.
Here is a list of steps to take when attempting to recover your account through Facebook’s services in the event that it is hacked.
- Using the Wi-Fi you have normally used in the past, visit the following link. Locate your account by searching for your phone number, email address, name, or username. You can find your username by going to your profile or asking a friend to go there and checking the URL bar. It should show something like “facebook.com/your username.”
- Send a recovery code to your phone or email address. In the event you don’t have access to the number and address listed, select “No longer have access to these?” and “Cannot access my email.”
- Reset your email address. If not, you need to go here and choose “my account is compromised.” Enter your old password, choose “secure my account,” and select “I cannot access these.” If this also does not work, open the Facebook app on your mobile device, try logging in there, and select “forgot password.” Click the button indicating you no longer have access to the phone number and email address associated with the account. If the application gives you access, reset your email address.
After these steps, you reach a point where you submit a photo of yourself along with your ID. The photo needs to be high quality, in-frame, and clearly visible. Facebook should then send you an email using the new address you registered allowing you to reset the password.
However, if the hacker that hijacked your account set up 2-Factor Authentication, you will still be unable to access the account and will need to fill out another form with another photo of you with your ID. Should this be successful, a link and code will be sent to the same newly registered email you attached in the step before this one. Using the link or code, you can bypass the hacker’s control over your account and gain access. Immediately head over to the privacy settings and then to “Contact” and disconnect any email accounts and/or phone numbers that are not yours. Next, log out of all sessions, update your password, and enjoy your account once again.
If your account truly is compromised and you’ve been unable to regain control using Facebook’s services, then it’s time to decide if the account is truly worth it. By this point, everyone you know should have been made aware of your account being compromised and should have unfriended and blocked it. Also, your other accounts should have their credentials updated to avoid the attacker targeting those next. On top of all this, you should by now have isolated your account from important services such as your bank account. You need to ask yourself: “Do I really need this account back?” If the answer is yes and nothing else has worked so far, the next step will be to appoint third parties to help with your hacked account, for example, Hacked. They offer recovery services, bearing the burden so you don’t have to.
By Adam van der Waag
CYBER SECURITY INSTITUTE
Visit us at https://cybersecurityinstitute.co.za/