My Facebook Account Has Been Stolen - Now What?

Stolen Facebook account. Have you ever been in such a situation or heard of it? Facebook is one of the most popular social networks, which is used by almost 3 billion users Worldwide. Unfortunately, the number of stolen Facebook accounts is increasing. Are you wondering how to proceed in such a situation, or even better, how to prevent such a situation? Then read on.

What does such a theft look like?

You will receive an email informing you that your password has been changed. And you know very well that you did not initiate the password change. For example, the email might look like this:

TIP: Facebook always communicates from an address during authentication security@facebookmail.com. All others are fake. Always check the sender. Real address (něco@něco.com), not what is written there. You can find instructions on how to recognize a fake email here.

Why would someone steal your account?

There is nothing personal about it, and these attacks are often automated, performed by robots, and do not involve you personally at all. If a hacker tries 1,000 accounts and only 2 get caught, it's still a success, after all I have access to two accounts. The magic is in the number of attacks. Some statistics state that around 600,000 attacks on Facebook accounts are carried out worldwide every day.

How are we doing in the Czech Republic? The trend is similar. According to verified sources there is a 100% increase in cyber attacks in the Czech Republic. In 2022 alone, there were almost 20,000 cases. This year (2023), the number of crimes is expected to exceed 20,000. We are talking about those cases that someone actually reports to the police. You can also find trends on the police website here. We are, of course, an order of magnitude different when it comes to the number of "only" attempts. If your account hasn't been stolen yet, you're one of the lucky ones, but it's only a matter of time before it's your turn. You will learn more about the fact that hackers have it really hard here.

Main factors, why someone stole your account:

  • Weak passwords: Users often use weak passwords that are easy to guess. Hackers thus need a simple guess or brute-force to break into an account.
  • Phishing: Fraudsters often create fake websites or send fraudulent emails. If users are not careful enough, they can enter their credentials on these fake sites. We have described how to recognize him here
  • Malware and keyloggers: Computer viruses and malicious software can be installed on a user's device without their knowledge.

The most common reasons, why is this happening to us:

  • To send advertising to your contacts
  • Running an advertising campaign from your account using your credit card
  • Collection of data and personal information
  • Spreading spam and malware
  • Gaining control of an account to spread disinformation
  • Blackmail and bullying

Someone Has Accessed My Account - Now What?

A big advantage is if you still have some access to the account - then you can save a lot. All active connections to the social network are waiting for you (For example, with Facebook, you can find them here: Settings / Privacy / Activity Logs / Active Sessions, but generally this setting is hard to find and the location changes from time to time - search and google Active sessions), changing the password to strong and unique and setting the second factor (also in Privacy settings).

Below is a step-by-step guide on how to prevent account loss:

  1. Strong passwords: Use strong passwords that combine lowercase letters, uppercase letters, numbers, and special characters. Avoid using easy-to-guess passwords such as date of birth and names of relatives.
  2. Two-factor authentication: Turn on two-factor authentication (2FA) in your account. This way, you'll need to provide a second authentication factor, such as a code sent to your mobile phone when you sign in from a new device.
  3. Caution when clicking on links: Be careful when clicking on links, especially in messages or emails. Always make sure the link goes to a legitimate website.
  4. Update your software: Keep your operating system, internet browser and anti-virus software up to date.
  5. Do not give confidential information: Be careful when sharing personal information on Facebook. Fraudsters could use this information to attack your account or for other forms of fraud.

You can find out more about how to choose a password and set up a second factor here. General rules of online safety here. You can check the strength of your password here.

What to do when it is too late for prevention

Try to see if you have your Facebook open on your phone, computer or tablet and if so, try to change your password. Also contact support. Most companies do not have customer support in the Czech Republic, so there is nowhere to turn. The only option is to use the standard options listed below for the three most common profiles. Each service has instructions and guides you through the steps to recover your account:

  • Is it about Facebook? Get started here.
  • Is it an Instagram account? Then try it here. And don't forget to translate the page into Czech. The option is at the top right.
  • Is it a Google account? Then try it here.

Are you unable to complete the recovery process due to an error message? You can try contacting the police. Unfortunately, it won't really help you much. Also for capacity reasons, see the statistics at the beginning of the article.

If you don't log into your account anymore, give customer support a few days and if no one answers, create a new account. I'm sorry, but you have most likely lost your account for good, you need to create a new one and warn those around you about the original profile. Don't forget to set a strong password and two-factor authentication for your new account.

Also think about where you used the same password and change it there immediately. I know, I don't like changing passwords either. But I'm assuming you don't want to go through profile theft multiple times. Once your password has been leaked somewhere, it is not safe anywhere else.

TIP: If no one hears from Facebook et al., you can try to "publicly" report the problem to their social networks. This may or may not help.

Let's keep our fists together and stay one step ahead of scammers

Set a strong password and turn on two-factor authentication to stay ahead of hackers. If it's too late, we cross our fingers and hope for strong nerves.

Summarizing the topic of a stolen account into one universal guide is difficult. Every situation is a little different and it is necessary to attend to each case individually. If you have any specific problems, please get in touch and we can discuss it.