Table of contents
- How to know if your Facebook account has been hacked
- Check your recent logins to detect suspicious access
- Reviewing your Facebook activity log
- What to do if your Facebook account was hacked
- How to secure your Facebook account
Social networks are a central part of our online identity. When a Facebook account is hacked, it’s not just an inconvenience — it’s a serious privacy violation.
A hacked profile can be used to send spam, scam contacts, steal personal data, or impersonate the user.
This article explores how to detect unauthorized access, what to do if your account is compromised, and how to report it to the cybercrime police (Polizia Postale, in Italy). We’ll also share tips to keep your account safe in the future.
How to know if your Facebook account has been hacked
Identifying whether your Facebook account has been hacked is easier when you know what signs to look for.
Common suspicious activities
Some key warning signs that your account has been compromised include:
- Posts or comments you didn’t make.
- Messages with suspicious links sent to your friends.
- Changes to your name, email, profile picture, or bio.
- Friend requests sent to people you don’t know.
- Login alerts from unknown locations or devices.
- Your Facebook language changes automatically.
Example
You receive messages from friends asking why you sent them a strange video. Upon checking, you see messages you never wrote — a clear sign of a Facebook hacker taking control.
How to check login activity manually
If you didn’t get an alert via email or Facebook notifications, you can still review login activity:
- Go to Settings & Privacy > Settings.
- Click on Security and Login.
- Scroll down to Where You’re Logged In.
You’ll see:
- The device name (e.g., Chrome on Windows 10).
- The approximate location (e.g., New York, USA).
- The login time and date.
If you see “Firefox on iPhone” from Vietnam, but you live in France and only use Android, it’s highly likely your account has been hacked.
Sample code to scan email for login alerts
While Facebook does not offer public APIs to directly extract login data for privacy reasons, you can use tools to monitor notifications and security emails, such as:
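```python
import email
import imaplib
import os
from email.header import decode_header, make_header

# Gmail needs an app password (or OAuth) for IMAP; read it from the
# environment instead of hardcoding it in the script.
mail = imaplib.IMAP4_SSL("imap.gmail.com")
mail.login("your_email@gmail.com", os.environ["IMAP_APP_PASSWORD"])
mail.select("inbox", readonly=True)  # read-only: messages are not marked as seen

status, found = mail.search(None, '(FROM "security@facebookmail.com")')
for num in found[0].split():
    status, parts = mail.fetch(num, '(RFC822)')
    msg = email.message_from_bytes(parts[0][1])
    # Subjects can be RFC 2047 encoded, so decode before matching
    subject = str(make_header(decode_header(msg["subject"] or "")))
    if "login" in subject.lower():
        print("Possible login alert:", subject)
mail.logout()
```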
This tool helps you identify suspicious emails coming from Facebook, even if you didn’t check your inbox manually.
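The From address alone does not prove that a login alert is genuine, because phishing mails imitate these notices. The following added example (not from the original article) checks the Authentication-Results header stamped by the receiving mail server; the sample messages are constructed, and the function names and the authserv-id `mx.example.net` are assumptions.

```python
import email
import re
from email.utils import parseaddr

TRUSTED_DOMAIN = "facebookmail.com"  # sender domain from the article's search filter
MY_MAIL_SERVER = "mx.example.net"    # assumption: authserv-id your own provider stamps

def alert_is_authentic(raw: bytes) -> bool:
    """True only if our own mail server recorded a DKIM pass for the sender domain."""
    msg = email.message_from_bytes(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if from_domain != TRUSTED_DOMAIN:
        return False  # lookalike or unrelated sender
    for header in msg.get_all("Authentication-Results", []):
        authserv_id, _, results = header.partition(";")
        # Only trust results written by our own server; the header itself is just text.
        if authserv_id.strip().lower() != MY_MAIL_SERVER:
            continue
        for clause in results.split(";"):
            m = re.search(r"\bdkim=pass\b.*?\bheader\.d=([\w.-]+)", clause, re.I | re.S)
            if m and m.group(1).lower() == TRUSTED_DOMAIN:
                return True
    return False

def sample_message(auth_results: str, sender: str) -> bytes:
    """Build a constructed test message; only the headers matter here."""
    return (f"Authentication-Results: {auth_results}\r\n"
            f"From: Facebook <{sender}>\r\n"
            "Subject: Login alert\r\n\r\nSomeone logged in.\r\n").encode()

# Constructed samples, not real mail.
GENUINE = sample_message(
    "mx.example.net;\r\n dkim=pass header.d=facebookmail.com; spf=pass",
    "security@facebookmail.com")
FAILED_DKIM = sample_message(
    "mx.example.net; dkim=fail header.d=facebookmail.com",
    "security@facebookmail.com")
LOOKALIKE = sample_message(
    "mx.example.net; dkim=pass header.d=facebookmail.com.example.org",
    "security@facebookmail.com.example.org")
UNTRUSTED_STAMP = sample_message(
    "other.example; dkim=pass header.d=facebookmail.com",
    "security@facebookmail.com")

if __name__ == "__main__":
    for name in ("GENUINE", "FAILED_DKIM", "LOOKALIKE", "UNTRUSTED_STAMP"):
        print(name, alert_is_authentic(globals()[name]))
```

Replace `MY_MAIL_SERVER` with the identifier your provider writes at the start of that header in mail you know to be genuine.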
Check your recent logins to detect suspicious access
If you suspect your Facebook account has been hacked, the first thing you should do is check your login activity. Facebook provides a helpful tool that allows you to review all the devices and locations from which your account has been accessed.
How to review login history
Follow these steps to find out if someone has used your account without your knowledge:
- Log into your Facebook account (if you still have access).
- Go to Settings & Privacy > Settings.
- Select Security and Login.
- Scroll down to Where You’re Logged In.
In this section you will find a detailed list of the latest accesses, which includes:
- The device used (e.g., iPhone, Windows, Android).
- The browser or app (e.g., Chrome, Facebook App).
- The approximate location of the login.
- The time and date of each session.
Examples of suspicious access
Example 1
A login appears from “Firefox on Mac • Moscow, Russia” at 2:15 AM, while you live in New York and use an Android phone — clear sign your Facebook profile has been hacked.
Example 2
You spot an entry from “Safari on iPhone • Lagos, Nigeria”, but you’ve never even been there. Time to change your password and review your account security.
You can click “See More > Log Out” next to any unknown session to revoke access. Still, if the hacker changed your password, logging them out won’t be enough — you’ll need to reset your password and enable two-factor authentication (2FA).
Optional: extract login data using JavaScript (advanced)
Facebook doesn’t provide a direct export, but you can use a browser extension like DataMiner or ScraperAPI to extract the visible data from the web page.
Alternatively, if you’re comfortable with development tools, you can use JavaScript in the console to read the page entries:
```javascript
// Run this in the browser console on the "Where You're Logged In" section.
// The selector depends on Facebook's current page markup and may need adjusting.
const sessions = Array.from(document.querySelectorAll('[data-testid="login_info_item"]'));
sessions.forEach(s => console.log(s.innerText));
```
This script prints your recent sessions to the console so you can copy them into a file or note, which is useful if you need to show the data to the cybercrime police.
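An added example (not part of the original article) that takes session lines copied from the page and flags those that do not match your own devices and countries. The baseline sets, the function name and the sample lines are constructed for illustration; the line format follows the article's examples.

```python
import re

# Assumption: your own baseline, filled in by hand.
KNOWN_DEVICES = {("chrome", "android")}
KNOWN_COUNTRIES = {"usa"}

# "Browser on Device • City, Country" as in the article ("–" is accepted too).
ENTRY = re.compile(
    r"^\s*(?P<browser>.+?) on (?P<device>.+?)\s*[•–]\s*"
    r"(?P<city>.+?),\s*(?P<country>.+?)\s*$"
)

def triage(lines, known_devices=KNOWN_DEVICES, known_countries=KNOWN_COUNTRIES):
    """Return (line, reasons) for every session that deviates from the baseline."""
    flagged = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        m = ENTRY.match(line)
        if not m:
            # Never drop what we cannot parse: it still needs a human look.
            flagged.append((line, ["unparsed entry, review by hand"]))
            continue
        reasons = []
        if (m["browser"].lower(), m["device"].lower()) not in known_devices:
            reasons.append("unknown browser/device")
        if m["country"].lower() not in known_countries:
            reasons.append("unfamiliar country")
        if reasons:
            flagged.append((line, reasons))
    return flagged

# Constructed sample input.
SAMPLE = [
    "Chrome on Android • New York, USA",
    "Firefox on Mac • Moscow, Russia",
    "Safari on iPhone • Lagos, Nigeria",
    "Chrome on Android • Toronto, Canada",
    "Device type unknown",
]

if __name__ == "__main__":
    for entry, why in triage(SAMPLE):
        print(f"{entry}  ->  {', '.join(why)}")
```

The location Facebook shows is approximate, so treat a country mismatch as a reason to look closer rather than as proof.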
Reviewing your Facebook activity log
Another essential tool to detect if your Facebook profile has been hacked is the Activity Log.
This section allows you to view in detail all the actions performed with your profile, even the less visible ones.
How to find the Activity Log
To open your activity log:
- Go to your Facebook profile.
- Click the three dots next to “Edit Profile”.
- Select Activity Log (or access directly from Settings > Activity Log).
Inside the log, you can filter actions like:
- Posts published.
- Reactions (Likes, Hearts, etc.).
- Comments made.
- Shares.
- Profile changes.
- Logins and logouts (if visible).
What to look for
If you notice activity that doesn’t match your behavior, your Facebook profile might be hacked. Common red flags include:
- Likes on strange pages (e.g., crypto ads, adult content).
- Comments in languages you don’t speak.
- Posts you didn’t write, especially promoting products or links.
- Tags in scam posts directing others to malicious websites.
Example
A man sees that his profile liked 40 Turkish investment pages overnight. He speaks only English and never visited those pages. After investigating, he discovers that his account had been compromised by background access from an infected browser extension.
Save suspicious activity as evidence
If you plan to report the breach to the cybercrime unit or Facebook itself, it’s important to keep records:
- Take screenshots of strange activity.
- Save the page with CTRL+S (or Cmd+S on Mac).
- Manually copy the details into a text or Excel file.
Advanced users can automate this process using tools like Puppeteer or Playwright (Node.js) to scrape and filter activity log entries. Here’s a conceptual snippet:
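```javascript
const puppeteer = require('puppeteer');

(async () => {
  // headless: false opens a visible window so you can log in yourself
  const browser = await puppeteer.launch({ headless: false });
  const page = await browser.newPage();
  await page.goto('https://www.facebook.com/');
  // Log in manually in the opened window, then press Enter in the terminal
  // (or inject session cookies here instead)
  await new Promise(resolve => process.stdin.once('data', resolve));
  process.stdin.pause();
  await page.goto('https://www.facebook.com/me/allactivity');
  await page.waitForSelector('[role="main"]');
  // Collect the list entries and keep only likes and shares for review
  const logs = await page.evaluate(() => {
    return Array.from(document.querySelectorAll('[role="main"] li'))
      .map(el => el.innerText)
      .filter(text => text.includes('liked') || text.includes('shared'));
  });
  console.log("Suspicious activities:", logs);
  await browser.close();
})();
```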
This helps you audit your Facebook actions and spot things you never did — a solid indication that your profile has been compromised.
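Saved evidence is easier to rely on when you can show it has not changed since you collected it. This added example (not from the original article) records a SHA-256 hash for every saved screenshot or page and can re-check them later; the function names and the `manifest.json` file name are assumptions.

```python
import hashlib
import json
from datetime import datetime, timezone
from pathlib import Path

MANIFEST_NAME = "manifest.json"  # assumption: where the hash list is stored

def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large screen recordings do not fill memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(evidence_dir):
    """Return one record per evidence file: relative path, hash, size, time."""
    root = Path(evidence_dir)
    records = []
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.name != MANIFEST_NAME:
            records.append({
                "file": path.relative_to(root).as_posix(),
                "sha256": sha256_file(path),
                "size": path.stat().st_size,
                "recorded_utc": datetime.now(timezone.utc).isoformat(timespec="seconds"),
            })
    return records

def verify_manifest(evidence_dir, records):
    """Return the files that are missing or no longer match their recorded hash."""
    root = Path(evidence_dir)
    changed = []
    for rec in records:
        path = root / rec["file"]
        if not path.is_file() or sha256_file(path) != rec["sha256"]:
            changed.append(rec["file"])
    return changed

if __name__ == "__main__":
    import sys
    folder = sys.argv[1] if len(sys.argv) > 1 else "."
    manifest = build_manifest(folder)
    (Path(folder) / MANIFEST_NAME).write_text(json.dumps(manifest, indent=2), encoding="utf-8")
    print(f"Recorded {len(manifest)} files in {MANIFEST_NAME}")
```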

What to do if your Facebook account was hacked
If you’re certain — or strongly suspect — that your Facebook profile has been hacked, you must act fast. Every minute that passes can further compromise your online security and that of your contacts.
1. Report the hacked account to Facebook
Facebook offers a dedicated support page for those who suspect their profile has been stolen or hacked: https://www.facebook.com/hacked
Select the situation that best applies (e.g., can’t access, suspicious activity, impersonation), and follow the recovery process.
Tip: Take screenshots of suspicious actions, unknown logins, or contact information changes — you’ll need them later.
2. Change your password immediately (if you still have access)
If you can still log in, go to:
Settings > Security and Login > Change password
Choose a strong password, ideally generated by a secure password manager. Example:
@N2!aRz8#LqW5$hT
Avoid easy combos like johnsmith123.
3. Check and log out of suspicious devices
In Where You’re Logged In, click “See More”, and then “Log Out” next to unfamiliar devices.
Example
A session from “Firefox on Mac – Nairobi, Kenya” appears, but you’ve never been to Africa. Click “Log Out” immediately.
4. Recover your account if locked out
Use the official recovery page: https://www.facebook.com/login/identify
Enter your email, phone number or username. If you’ve set up trusted contacts, Facebook will prompt you to get help from them.
Make sure your contact info (email/phone) is still valid and accessible.
5. Report the breach to the cybercrime police
If your account was used for fraud, identity theft or scams, file a report with your national cybercrime unit. In Italy, go to:
https://www.commissariatodips.it
Complete the module and attach:
- Screenshots of suspicious logins or activities.
- Copies of emails/messages.
- Details of how the account was used fraudulently.
In Italy, hacking a Facebook profile is a criminal offense under the Penal Code. Acting quickly helps limit damage and supports investigations.
How to secure your Facebook account
Even if you haven’t been hacked, you should take steps to protect your account. Prevention is the most effective form of cyber security.
Personal cyber security starts with simple precautions that we often overlook.
Let’s look at them in detail.
Set a strong password
Your password is your first defense. Avoid simple words, birthdates, or names. A strong password should:
- Be at least 12 characters long.
- Include uppercase, lowercase, numbers, and symbols.
- Be unique for every service.
Use a password manager (e.g., Bitwarden, NordPass, 1Password) to generate and store complex passwords securely.
Enable two-factor authentication (2FA)
2FA adds a second layer of security. Even if a hacker gets your password, they won’t access your account without the second step — usually a one-time code sent to your phone or an authenticator app.
To activate:
- Go to Settings > Security and Login.
- Click “Use two-factor authentication”.
- Choose between SMS or an app like Google Authenticator or Authy.
Turn on login alerts for unknown devices
Facebook can notify you when someone logs into your account from an unfamiliar device. This feature is essential to stop Facebook hackers quickly.
Activate it here:
- Settings > Security and Login > Get alerts about unrecognized logins.
Stay informed and ready to act.
Add trusted contacts
Facebook lets you set up to 5 trusted contacts who can help you recover your account if you’re locked out.
To set them up:
- Go to Settings > Security and Login > Choose 3 to 5 friends to contact if you get locked out.
- Add people you trust.
They can be lifesavers in case of a hacked profile.
Conclusion
A hacked Facebook account is more than just an inconvenience — it’s a security issue that can affect your identity, privacy, and even finances. Recognizing the signs of hacking, knowing what to do, and working with the cybercrime police are essential steps to protect yourself.
Most importantly, stay proactive: use strong passwords, enable 2FA, and monitor your account regularly. Prevention is your best weapon.
Frequently asked questions
- How do I know if my Facebook account was hacked?
Check login history, activity logs, and contact details in your account settings.
- Who should I report a hacked account to?
To Facebook through their help center and to the cybercrime police in your country.
- What is two-factor authentication (2FA)?
A security feature that requires a second verification step beyond your password.
- How can I regain access to my hacked Facebook?
Use your recovery email, phone number, or trusted contacts. If blocked, report to Facebook.
- Can I check if my personal data was leaked?
Yes, via “Have I Been Pwned” or “Firefox Monitor”.
- How to file a report with the cybercrime police in Italy?
Go to www.commissariatodips.it and follow the reporting steps.
- What does “hacked” mean?
It means someone gained unauthorized access to your account or system.
- What is a hacked profile?
It’s an account taken over by someone who is not the legitimate owner.
- How do I choose a strong password?
Make it long, random, and unique — and manage it with a password manager.
- Are trusted contacts safe?
Yes, if you choose reliable people. They’re useful for account recovery.