You’re scrolling. Everything seems fine until you see a comment you don't remember writing. Or maybe a friend texts you asking why you’re suddenly selling cheap Ray-Bans or promoting a crypto scheme from 2022. That sinking feeling in your stomach? That's the realization that your digital life might not be yours anymore. Understanding how to know if you have been hacked on Facebook isn't just about spotting the obvious red flags; it’s about hunting for the subtle footprints hackers leave behind when they're trying to stay under the radar.
Honestly, hackers have gotten way more sophisticated than the old days of just changing your password and locking you out. Now, they often want to stay inside your account as long as possible to scrape your data, message your contacts, or run fraudulent ads using your saved credit card.
The first place you must look: Your Active Sessions
If you suspect something is up, stop scrolling and go straight to your settings. Facebook keeps a running log of every device that is currently logged into your account. This is the smoking gun.
Navigate to Settings & Privacy, then Settings, and look for the Accounts Center (usually managed by Meta). Inside, you'll find Password and Security, and finally, Where you're logged in.
This list is incredibly revealing. You’ll see device types—like "iPhone 13" or "Windows PC"—and locations. Now, a quick heads-up: the locations aren't always perfect. Sometimes your ISP routes your traffic through a city three hours away. That’s normal. But if you live in Chicago and see an active session in Dublin or Ho Chi Minh City on a device you’ve never owned, you have a problem.
I once talked to a guy who found a session active on a "Linux Desktop" while he only used an iPad. That's a classic sign. If you see a device you don't recognize, Facebook gives you the option to "Log Out" of that specific device immediately. Do it. Don't wait.
Weird notifications and "Shadow" emails
Hackers usually try to change your contact info first. Why? Because if they change the email address associated with the account, you won't get the "Someone logged in" alerts.
Check your primary email—the one you used to sign up for Facebook—for any messages from security@facebookmail.com. This is the official domain Facebook uses for security alerts. If you see an email saying your password was changed or a new email address was added, and you didn't do it, that’s a definitive sign your account has been hacked.
Sometimes, hackers are sneaky. They’ll go into your Facebook settings and add their email address as a secondary contact but leave yours as the primary for a while. This lets them reset the password later without you getting an immediate notification. Go to your Personal Details in the Meta Accounts Center. If there’s a Gmail address there that looks like a string of random numbers or a name you don’t know, delete it instantly.
The "Check Your Sent Folder" trick
Most people check their wall to see if a hacker posted something embarrassing. Smart hackers don't post on your wall. They use your Messenger.
Open your Messenger app and look through your recent threads. You might find conversations you never started. Often, these are scripts—automated bots sending links to your friends that say things like, "Omg is this you in this video??" or "I found a way to get free government grants."
According to security researchers at firms like Mandiant and CrowdStrike, "account takeover" (ATO) attacks often use the victim's social capital to spread malware. Your friends trust you. If "you" send them a link, they’re likely to click it. If you see messages you didn't send, even if they were deleted by the recipient, your account is compromised.
Check your Archived Chats too. Hackers sometimes archive the conversations they’re having so they don't pop up in your main inbox and tip you off. It’s a clever way to hide their tracks while they're scamming your aunt.
Changes to your professional presence
This is a big one for anyone who runs a business page. If you have a Meta Business Suite account or manage a Page, look at your "Page Roles."
A very common tactic involves hackers gaining access to a personal profile just to grant "Admin" status to another fake account they control. This gives them the power to run ads using your stored payment method. I’ve seen cases where small business owners woke up to $5,000 in charges for "Leads" in a different country because a hacker slipped into their Business Manager at 3:00 AM.
If you notice your "Ad Account" has been flagged or you see "Pending" ads for products you don't sell—like knock-off jerseys or shady supplements—your personal account was the entry point.
Why did my apps stop working?
Think about how many websites you log into using the "Login with Facebook" button. It's convenient, right? It's also a major vulnerability.
If you suddenly find yourself logged out of Spotify, Pinterest, or Tinder, and your Facebook password isn't working to get back in, that's a massive red flag. Hackers often use a "credential stuffing" approach. Once they have your Facebook, they’ll try to pivot to every linked service to see what else they can grab.
You can see which apps have access to your Facebook by going to Settings > Apps and Websites. If you see apps there that you haven't used in years, or new ones you don't recognize (especially those with "Developer" or "Business" permissions), it’s a sign someone else is pulling the strings.
A quick note on "Fake" login screens
Sometimes, you aren't hacked yet, but you're being baited. This is called Phishing. You might get an email that looks exactly like a Facebook security alert, telling you to "Click here to secure your account."
If you click it and it asks for your password, STOP. Look at the URL bar. If it’s not facebook.com, it’s a trap. Realizing you almost fell for this is basically the "early warning system" for being hacked. Always go directly to the Facebook app or type the URL manually into your browser. Never trust a link in an email, even if it has the blue logo.
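Here is the "look at the URL bar" check written out as a small script. It is an added example, not Facebook's own code, and it shows why a link can contain the words facebook.com and still point somewhere else. The sample links are constructed, and the HTTPS requirement is an extra assumption on top of what the article says.

```python
from urllib.parse import urlsplit

# Domains treated as genuine here (assumption: only the one the article names).
TRUSTED_DOMAINS = {"facebook.com"}


def link_host(url: str) -> str:
    """Return the host a link really points at, lower-cased."""
    try:
        # .hostname drops any "name@" prefix and the port number.
        host = urlsplit(url.strip()).hostname or ""
    except ValueError:  # malformed link
        return ""
    return host.rstrip(".").lower()


def is_facebook_link(url: str) -> bool:
    """True only if the link goes to facebook.com or a real subdomain of it."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False
    if parts.scheme != "https":  # extra strictness, not from the article
        return False
    # Refuse links with a "name@" part or backslashes: both make the text
    # before the real host look trustworthy, and parsers disagree on them.
    if parts.username is not None or "\\" in url:
        return False
    host = link_host(url)
    # Exact match, or ends with ".facebook.com". Without the leading dot,
    # "notfacebook.com" would pass.
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


# Constructed sample links, not taken from real messages.
SAMPLES = [
    "https://www.facebook.com/hacked",
    "https://facebook.com.security-check.example/login",
    "https://facebook.com@security-check.example/login",
    "https://notfacebook.com/login",
    "https://f\u0430cebook.com/login",  # Cyrillic "a" lookalike
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict = "ok  " if is_facebook_link(link) else "TRAP"
        print(verdict, link_host(link))
```

Only the first sample passes; in every other one the real host is something other than facebook.com, even though the name appears in the link.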
Is your battery dying faster than usual?
This sounds weird, I know. What does your phone's battery have to do with Facebook?
Well, if a hacker has installed a malicious version of an app or if there's a background process constantly syncing your data to a remote server, your phone will work harder. It gets hot. The battery drains. While this is more common with general phone malware, if you notice your Facebook app is using 40% of your battery life in the background, something might be piggybacking on your session.
It’s rare, but it happens. Especially with "sideloaded" apps on Android that claim to give you "Extra Facebook Features." Those are almost always Trojans designed to steal your session cookies.
What to do right now (The Action Plan)
If you've checked these things and realized the worst has happened, don't panic. Panic leads to mistakes. Follow these steps in order:
- The "Nuclear" Log Out: Go to the "Where you're logged in" section we talked about and select "Log out of all sessions." This kicks the hacker off immediately, though they might try to get back in if they have your password.
- Change the Password: Use a password manager. Don't use your dog's name. Use something like Correct-Horse-Battery-Staple-77! (long and random).
- Enable 2FA: This is non-negotiable. Use an app like Google Authenticator or Authy. Do not use SMS (text message) 2FA if you can avoid it, as "SIM swapping" is a real threat, but even SMS is better than nothing.
- Check your Email Security: If they got into your Facebook, they might have your email password too. Change that next. If they control your email, they can just "Reset Password" on Facebook and get right back in.
- Review Linked Payments: Check your saved credit cards or PayPal links in the "Payments" section of Facebook. Call your bank if you see anything weird.
- The Official Recovery Tool: If you are totally locked out, go to facebook.com/hacked. This is the official "emergency room" for Facebook accounts. You may have to upload a photo of your ID to prove who you are. It’s a pain, but it works.
Getting hacked feels like a violation of privacy because it is. But usually, these are crimes of opportunity. By closing the door and locking it with two-factor authentication, you make yourself a much harder target. Most hackers will just move on to someone who hasn't bothered to check their active sessions.
Stay vigilant. Check those login locations once a month. It takes thirty seconds and can save you months of headaches. Be the person who’s too much work to hack.