Last week, one of our community members was unable to log into his Facebook account. As he attempted to reset his password, Facebook was no longer recognizing the recovery email address. It wasn’t long after that he discovered that his account had been compromised to the point it had been lost.
With reality setting in on what truly had been lost, his confession of the events hearkened what I have seen and heard all too many times in my profession from others. Baby photos, wedding pictures, siblings, loved ones; all his previous memories potentially gone in an instant.
It’s one of the worst feelings in the world; one of which I do not wish upon anyone. The reality of it is, more than 160,000 Facebook accounts are compromised on a daily basis according to The New York Post. We have to be more diligent on how we secure our accounts.
In an attempt to console him, I advised him not to fright as there is still hope in recovering his account, but I stressed that if we were able to regain access, he had to promise to implement the recommended layers of protection to avoid this from happening again.
As we were successful in recovering his Facebook account, he allowed me to share his experience on this blog with the community. He felt it would benefit others should they find themselves in the same situation.
So how did we do it?
The Prep Work To Recovering The Facebook Account
Before you go through the process below, it may be a good idea to change your email password first. If you didn’t get an initial email advising you that your password had changed, this is a good indicator that your email address was likely compromised first. Especially, if the bad actor was able de-link your email with one they fully control.
Regaining Facebook Account From Hackers
After you change your password, the next step should be relatively easy. Go to www.facebook.com/hacked/ or visit the Help Center here (Facebook: Help Center) to gain access to your account. This is the best method to use if the email you had on file was changed.
The next screen will prompt you to enter in the email address or phone number assigned to your account. I would recommend trying your phone number first as many bad actors forget to change this in fear that their activities can be traced back. If that does not work, use your email address.
Facebook can send a special code to the originally assigned email to reverse the process but remember to fix your email password first. Otherwise it may be rinse and repeat.
Securing Your Facebook Account Going Forward
Once you have regained access to your account, it is time to get serious about securing it by implementing Two-Factor Authentication (2FA). I also wrote an article on the importance of Two-Factor Authentication( 7 Tips To Better Secure WordPress Blogs | Sage Knows IT ) which can help as a layer of protection in the event your password is popped again. I would recommend you check it out as it expands on the importance of implementing this security feature.
To summarize, Two-Factor Authentication allows you to have an extra layer of security in the event your password is compromised. Most major social media platforms including Facebook make this feature available and the bearer to entry is extremely low meaning you can get this feature virtually free.
You can find this option under the Settings & Privacy > Privacy Shortcuts > Account Security > Use two-factor authentication.
The next screen will prompt you to download a token application like Google Authenticator or Duo. Follow the prompts and your account should be one layer of protection safer from bad actors.
I hope you found this helpful. If you are interested in learning how the attack happened, please leave a comment and I may consider doing a future post. Feel free to share your experience with using two-factor authentication as well.
For over 20 years, I have had the distinct opportunity to work in the Information Technology space under a variety of distinct roles.
My unique position has helped me become a risk management Maven for Fortune 500 and Small Business Companies around the world. For the last 12 years, I have assisted Small Business Owners and Insurance Agency understand the impacts of Cyber Incident exposures and what steps to take to help mitigate potential data breaches.
My desire to expand my reach related to cyber security has led me to establish the Sage Knows IT blog as a way to help Small Business Owners and aspiring Information Technology (I.T.) Professionals better understand the road-maps of I.T. through the experiences I have had.
Information Technology and Information Security is the future of our world and I hope this blog will inspire those that are interested in joining our ever involving field.