Some will fall victim to a hacked Facebook account. We’ve fallen victim before. It’s not too uncommon. Matters are made worse if you no longer have access to your page. It becomes increasingly worse when you no longer have access to the email associated with the account. So how is one best to proceed?

Begin with Your Local Police Department

Your focus should be on protecting yourself as much as it should be about stopping the cyber-criminal. It’s important to get the incident on file with your local law enforcement agency. Do this immediately. Any actions that this individual takes while having control of your account will be associated directly with you.

While the laws protecting individuals from hacking are scarce, there are harassment laws that may help to protect you. Oftentimes, it takes three or more incidents for local law enforcement to begin an investigation.

Having the incident on file will spare you from having to explain anything this actor does with your account. Be sure to convey that you no longer have control of or access to the account. If you no longer have access to the email address associated with the account, be sure to include that information too.

What you want here is a simple police report. It does not need to be lengthy. It merely should explain the incident and your limited ability to resolve it on your own. Local law enforcement agencies typically have limited resources. They may not go any further than generating the police report. If you were threatened as part of the incident, then that is a different story.

Contacting 911

If you were threatened and feel that you might be in immediate danger, call 911.

Gaining Back Control of a Hacked Facebook Account

One may recover their account by contacting Facebook directly. You will be asked to provide photo identification in order to gain back control of the account. Start the process from here.

This is the only way for you to gain back control of a hacked Facebook Account. What we typically advise our customers is to provide the photo identification that Facebook is asking for. Some are hesitant because the account is currently in the hands of a bad actor or personal communications exist in the account.

Once you have your account back, change the associated email address and then change the password. This is akin to changing the locks on your doors after a break-in. Be sure to do it in the specified order. You may rest easy, as you now have things back under your control and have stopped the cyber-criminal from any further misuse.

Reputational Harm

If any reputational harm has come from the hack, you may choose to notify your friends of the hack through a post to your news feed. We recommend that you keep your focus on what comes of any digital forensics. If the posts did not cause any reputational harm, there’s no need to tell your friends. Keep the incident private as you work towards resolution.

Close the Hacked Facebook Account

Lastly, download all of your Facebook content as you prepare to close the account. Why close the account? You just provided photo identification and have associated that ID with your account. You want to close the account to prevent further fall-out and misuse.

When creating a new account, consider turning on multi-factor authentication. This will help protect you going forward.

Hire a Digital Investigative Team

Obtaining the IP address will require you to have gained back control of the account. Consider that the actor may be using the Tor network in an effort to gain anonymity while carrying out the attack. The Tor network is a set of proxies (relays) that are used to hide one’s true IP address. If the actor is using the anonymity network, the IP address that appears as the user’s IP is that of the last proxy in the chain, not the actor’s own. We, at Cyber Defense Contractors, can perform the investigative work on your behalf. You want to gather as much information as you can.

Once you’ve gained back control of the account, review your “Security and Login” settings. There you will be able to hover over the entries under “Where You’re Logged In” to reveal the IP address of the login. To get there, choose “Settings” from the drop-down, then click “Security and Login”.

[Image: Facebook access log, “Where You're Logged In”]

You may be most familiar with an IPv4 address. Keep in mind that the entry may instead be an IPv6 address, which is of a different format.
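The following Python example is added here and is not part of the original article or any Facebook tooling. It takes login IP entries as you might copy them from “Where You’re Logged In”, recognizes both IPv4 and IPv6 notation, merges entries that are the same address written differently, and flags addresses that are non-public or that appear on a Tor exit list you supply. The function names, the sample addresses and the sample exit list are all constructed for illustration.

```python
import ipaddress

# Constructed sample entries, as they might be copied from "Where You're
# Logged In". Documentation-range addresses, not real logins.
SAMPLE_LOGINS = [
    "203.0.113.7",
    " 2001:db8::1f ",
    "2001:0db8:0000:0000:0000:0000:0000:001f",  # same host, long notation
    "::ffff:198.51.100.23",                     # IPv4 shown in IPv6 form
    "192.168.1.10",
    "not-an-ip",
]
# Constructed stand-in for a Tor exit-address list saved locally (assumption).
SAMPLE_TOR_EXITS = ["198.51.100.23"]

# Ranges that never identify a host on the public Internet.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]


def classify_login_ip(raw, exit_addrs=frozenset()):
    """Describe one login entry; exit_addrs is a set of parsed addresses."""
    try:
        addr = ipaddress.ip_address(raw.strip())
    except ValueError:
        return {"input": raw, "valid": False}
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # unwrap ::ffff:a.b.c.d to plain IPv4
    return {
        "input": raw,
        "valid": True,
        "normalized": str(addr),
        "version": addr.version,
        "non_public": any(addr.version == n.version and addr in n
                          for n in NON_PUBLIC),
        # A match means the address is the relay's, not the actor's own.
        "tor_exit": addr in exit_addrs,
    }


def build_report(entries, tor_exits=()):
    """Classify entries, merging ones that differ only in notation."""
    exit_addrs = {ipaddress.ip_address(e.strip()) for e in tor_exits}
    seen, rows = set(), []
    for raw in entries:
        row = classify_login_ip(raw, exit_addrs)
        key = row.get("normalized", raw.strip())
        if key not in seen:
            seen.add(key)
            rows.append(row)
    return rows
```

Calling `build_report(SAMPLE_LOGINS, SAMPLE_TOR_EXITS)` returns one row per distinct address, which can be attached to the police report or the complaint as-is.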

Contacting the FBI

If contracted to assist you in resolving a hacked Facebook account, we would act on your behalf. Given your approval, we may report the incident to the FBI at the Internet Crime Complaint Center (IC3).

You may want to handle the matter on your own. You can file the complaint yourself. If they consider that your situation warrants the effort, they will be looking for the IP address of the actor.

Again, the IP address of the individual who accessed your account can be found in the logs of your Facebook account. If you no longer have access to the account, you will not be able to get this information until you gain back control. If you are able to get the actor’s IP address, have this information readily available prior to contacting the FBI.

