So, you reckon you’re a pretty savvy user of the internet: you’ve been around a while and learned a lot, and friends even ask you for advice – they know you read Costa Connected every week, after all. And now something really embarrassing has happened: your Facebook account has been hacked!

There’s something really personal and nasty about this. For so many people, their Facebook profile and account are deeply invested in their identity and personality, so it feels like a major violation. After all, you have so much stuff on Facebook, all your photos and everything – if a hacker busts through your carefully-structured privacy settings it feels like the online equivalent of a burglary: even if nothing is taken, you feel violated and upset. But just as with an offline intrusion of this nature, you can pick yourself up and respond to it, change the locks and move on – and learn how to stop it happening again.

If your Facebook account has genuinely been hacked – not just that you gave permission to some rogue app to start posting all sorts of rubbish all about Whitney or What This Girl’s Father Saw etc. – then you need to reclaim it. If you can still get into your account, start by checking all your application permissions, and make sure you haven’t inadvertently allowed a questionable app to start posting as you. These apps can be very devious in tricking you into installing them. With some of them you can modify permissions; others you are just better off removing altogether, especially if you find an app in your list that you don’t remember authorising or aren’t sure what it does. Go to ‘home’ in the top right corner of every page on Facebook, then select ‘privacy’ from the drop-down menu, then ‘edit settings’ for apps and websites.

If you are locked out of your account and cannot log in at all, it probably is a genuine hack: someone has obtained and changed your password. Visit the Facebook Help Center and report it, and provided you have access to your email account (and phone, if registered with Facebook) they can help you reset everything. Consider setting up the Facebook ‘Trusted Friends’ service, just in case it happens again, to make it easier to retrieve next time.

Then change your password – and if this has happened, you probably need to change it for something more secure: think eight characters long, a mix of lower case, caps, numbers and at least one symbol like £$€%… this should be pretty uncrackable. And if you used the same password for Facebook as you have used anywhere else, go and change all of them too. Think about setting up a password protection service like LastPass.com, to generate and store different secure passwords for all your different online logins, to protect you in future. And remember, using the same password for different sites is like having a master key for an entire urbanización – easy and convenient in your pocket if you need to clean a load of apartments, but VERY risky when it comes to loss or theft.

Next up, you need to think about how the hacker got that password in the first place, which is something you might never pin down precisely. But the most likely answer is that they gained entry to your computer via a virus or other malware. Make sure you have a current and up-to-date anti-virus programme installed, and run a comprehensive scan as soon as possible, on all drives and files.

If you have ever accessed your account through another computer, this could be the source of the problem – if it’s a friend’s machine, let them know, and they should run their scan as well just to be certain, and if it was something like an internet café or similar then I really wouldn’t go there again! Remember, if you ever do have to use public computers like this, always, always double-check you have logged out properly afterwards, as that is probably your biggest exposure to risk in that event. The other main way your password could have been obtained is via a phishing attack – something that looked like a genuine Facebook log-in, but was in fact a trap. With so many sites and services offering Facebook log-in in different places, this is a growing risk – before you enter your password anywhere, be very clear and careful that the site you are using is what you think it is.
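For readers comfortable with a little Python, here is what "be clear that the site is what you think it is" looks like as a check on the address itself. This is an example added here, not part of the original column or anything published by Facebook; it assumes that only facebook.com and its subdomains are genuine log-in hosts, and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: only facebook.com and its subdomains count
# as genuine Facebook log-in hosts.
TRUSTED_DOMAINS = ("facebook.com",)


def check_login_url(url):
    """Return (ok, reason) for a link that claims to be a Facebook log-in."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not HTTPS"
    # .hostname drops any 'user@' prefix, so a link such as
    # https://facebook.com@other.example resolves to other.example here.
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return False, "no host"
    labels = host.split(".")
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return False, "non-ASCII host (possible lookalike letters)"
    for domain in TRUSTED_DOMAINS:
        # Match the end of the name on a dot boundary, never a substring.
        if host == domain or host.endswith("." + domain):
            return True, "host is " + host
    return False, "host is " + host + ", not Facebook"


# Constructed sample links, not taken from any real phishing campaign.
SAMPLES = [
    "https://www.facebook.com/login.php",
    "http://www.facebook.com/login.php",
    "https://www.facebook.com.account-check.example/login.php",
    "https://facebook.com@account-check.example/login.php",
    "https://notfacebook.com/login.php",
    "https://www.f\u0430cebook.com/login.php",  # Cyrillic 'a' in the name
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(check_login_url(link), link)
```

The part of the address that matters is the end of the host name, just before the first single slash; everything to the left of it, and everything after the slash, can be made to say "facebook" by anyone.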

You need to let your friends know anyway, once you get cleaned up again – yes it’s embarrassing, but if the hacker has been posting as you and sending messages and status updates, you have got to set the record straight, and your status message is as good a place as any.  Ask your friends to be very wary of any communication that appears to be from you, via email or text as well as through Facebook, that might not sound quite right – because hackers have had access to the lot whilst they controlled your account, and they could abuse these contacts to send spam, propagate viruses, phish for their personal information, or send the kind of nasty messages saying you are in trouble and desperately need them to wire emergency money.

So, don’t panic, you caught a cold and dealt with it and you are now back in control.  Bookmark this: and have a good look through the resources there, you will be better prepared another time.


Published in Costa Blanca News, 25th May 2012
