Skip to main content
Account RecoveryHome Users5 min read · Updated June 2026

My Facebook Account Has Been Hacked — What Do I Do?

Having your Facebook account taken over by a hacker is frightening. You may be locked out, your friends may be receiving strange messages from “you,” or you may have noticed activity you didn't do. Here's a clear, step-by-step guide to recovering your account and securing everything connected to it.

Try to Recover Your Account Immediately

If you can still log in:

  1. 1Go to Settings & Privacy → Settings → Password and Security
  2. 2Check Where you're logged in — remove any sessions you don't recognise
  3. 3Change your password to something strong and unique
  4. 4Enable two-factor authentication (2FA) immediately — use an authenticator app, not SMS if possible
  5. 5Review Apps and Websites linked to your account and remove anything unfamiliar

If you're locked out:

  1. 1Go to facebook.com/hacked
  2. 2Select "My account is compromised" and follow the recovery flow
  3. 3Facebook will offer recovery via a trusted phone number, email address, or trusted contacts
  4. 4If those have also been changed by the hacker, use the "No longer have access to these?" option and follow the identity verification steps

What Hackers Do With a Compromised Facebook Account

Once inside your account, attackers typically:

  • Message your friends asking for money or gift cards (claiming to be you in an emergency)
  • Use your account to run fraudulent adverts charged to your linked payment methods
  • Harvest your personal information and linked accounts (WhatsApp, Instagram)
  • Change your email and phone number to lock you out permanently

Check your payment methodsin Settings immediately — remove any cards stored there and contact your bank if any unauthorised charges have occurred.

Secure Everything Connected to Facebook

Facebook is often used to log in to other services via “Login with Facebook.” If your account was compromised:

  1. 1List every app you've ever signed in to with Facebook (Settings → Apps and Websites)
  2. 2Change the password on those services independently — don't rely on the Facebook login
  3. 3Check your email account — the hacker may have received password reset emails
  4. 4Check WhatsApp and Instagram — these are linked to the same Meta account

Secure all your accounts

Get your free Security Score and a personalised checklist — takes 10 minutes.

Get your free Security Score

Report the Hack to Facebook and Action Fraud

  • Report directly to Facebook via the Help Centre: search "report a hacked account"
  • If the hacker impersonated you to defraud your contacts, report to Action Fraud at actionfraud.police.uk — your friends who lost money will need a crime reference number

Frequently Asked Questions

The hacker changed my email and phone number. Can I still recover my account?

Yes. Use the identity verification route at facebook.com/hacked — Facebook will ask you to upload a photo ID to confirm your identity and restore access.

My friends received messages from my account asking for money. What should I tell them?

Tell them to ignore any further messages from your account and not to pay. Advise them to report the message using Facebook's in-app report function. If anyone paid, they should contact their bank immediately and report to Action Fraud.

How long does Facebook account recovery take?

If you have access to your recovery phone number or email, recovery is usually immediate. Identity verification via ID upload typically takes 1–3 business days.

Related guides