Hackers run riot on Facebook. It is estimated more than 100,000 accounts are hacked on the social media every day. Here’s what you can do to help stop yours from meeting the same fate.
Facebook has an awful reputation when it comes to privacy and security. The website has been hacked numerous times, namely the Cambridge Analytica scandal in 2018, from which the company has never fully recovered its public opinion.
These hacks have left millions of users’ sensitive personal details available to anyone on the dark web. This information can leave those who have been exposed massively vulnerable to spear phishing attacks, having their other accounts hacked, and many other types of scams.
“Attackers want to steal your identity so they can take advantage of trust in your profile and friends, they then use your profile to share malware or perform phishing attacks.”
Chloe Matthews, threat intelligence analyst – F-Secure
The first warning sign to look out for when you suspect your account has been hacked is an email notifying you your password has been changed. “If you’re suddenly logged out of Facebook and your password no longer works, you’ve probably been hacked,” warns Paul Bischoff, a privacy advocate at tech research company Comparitech.
Sometimes, hackers will not change passwords or make drastic changes to accounts in order to stay under the radar. “They may want to make occasional but long-term use of your account and don’t want to make it obvious,” says Paul Ducklin, another cyber security researcher.
These hackers will often message Facebook friends or create unusual posts on your profile that you don’t remember making, usually incorporating a scam of some kind.
If you do suspect your account has been hacked, you can request a download of your data from Facebook. This will show you what devices are logged into your account, from where, whilst also showing you all changes to your profile.
Once a hack has been confirmed, unfortunately there is a very small chance that you will be able to recover it. The first step in trying to do so however is following the self-service account recovery process on Facebook’s website. You will be asked what notified you to the breach of your account, and asked to provide a proof of identity such as a driving license or a passport. Providing such identification is likely to speed up the process and vastly increases your chances of retrieving your account.
The best way to defend against attacks such as these is by prevention. Using strong passwords created by a password generator in tandem with a password manager are the ideal line of first defence. Read more about this here.
The second, and potentially even more crucial step is to use 2FA (two-factor-authentication). This means that even if your password is exposed and your account is breached, hackers will not be able to access your account without a code from a pre authorised device (a phone number and/or email address). Making note of backup codes are also a key step in account security.
Do your employees need more training to spot the warning signs of a cyber threat such as this? Start your two week free trial today.