Hack-proof your Facebook

Social media icons on phone

Written by Crystal

September 19, 2022

“I’ve been hacked! Don’t accept any friend requests from me.”

“I think you’ve been hacked! I just got a friend request from you.”

Have you seen those posts on Facebook? Or even worse, have you or someone you know ever lost access to your account because someone managed to get in and change your password, email address, and phone number? If you use a Facebook business page or a group to run your business, you want to avoid these issues otherwise you risk losing access to your Facebook business assets! There are a few key things you need to do to keep yourself and your business safe.

Set up two-factor authentication

The very first thing to set up is two-factor authentication, which will help prevent people from logging into your account without your knowledge. There are three authentication options you can choose:

  • Tapping your security key on a compatible device
  • Login codes from an authentication app
  • Text message codes from your smartphone

Most people use text message codes because they’re easy. The second method, a third-party authentication app, can be useful to manage two-factor authentication for multiple accounts (e.g., Facebook, PayPal, Microsoft, etc.). Few people use security keys, but they’re generally the most secure. They do require you to use an external device like a USB stick / thumb drive and you should set up a backup authentication mechanism in case you lose the device or forget to bring it with you.

Click below to see the instructions for setting up your preferred method.

Assign at least one backup Admin for your business page(s) and group(s)

If you ever get locked out (or kicked out) of your Facebook account, business page or group, you’ll want to have someone trustworthy who can either keep your business posts going or help you get back in. It doesn’t necessarily have to be someone who works in your business, but it does need to be someone you can trust, who will be careful with their own account (not clicking spam links, etc.), and whom you can easily contact.

There are several ways to add an admin to a business page, depending on whether it’s been updated to use Facebook’s New Pages Experience or you use Meta Business Suite to manage access. Click below to see the appropriate instructions for your situation.

Adding an admin to a group is much more straightforward, though they do need to be an active participant in the group.

Check what apps have access to your Facebook account

There are many games and apps that request access to your Facebook account, especially if they prompt you to save progress. Think of how many fun, new, popular games you’ve downloaded over the years. It’s easy to forget how many you’ve connected to your Facebook account. Back in 2015, there were at least two games that stole Facebook logins from people who connected their accounts. In 2019, a hacker gained access to personal Facebook data (among other information) by breaking into systems owned by the popular game Words With Friends.

The more apps that have access to your Facebook account, the higher the risk your information will end up in the hands of criminals. Use the instructions below to look through the list of apps and websites you’ve given access to your account and remove any you no longer actively use or don’t recognize.

Hide your Friends list

On the surface, it seems harmless enough to allow people to see who you’ve friended on Facebook. It can be fun to find out you have mutual friends with someone you didn’t realize knew each other. Unfortunately, there are people out there who will use friend lists to find targets for scam messages, where they’ll either send an infected link or ask for money, acting as if they’re you.

Profile photos and cover photos are, by design, publicly available to everyone with a Facebook account, so it’s easy for scammers to take these and set up a Facebook account using your name. From there, they go down the list of your Facebook friends and send friend requests so it’s easier for them to send messages. Most people have thankfully gotten savvy to this, but sometimes people click Accept before realizing it’s a fake account. Sometimes they assume it’s you but you’ve gotten locked out of your account so you’ve set up a new one. Once they accept the friend request, the scammer starts messaging; in some cases, they can be pretty convincing, especially if a lot of your posts are public.

Hiding your friend list makes your profile much less inviting to copy. Click the button below for the instructions on making your list private.

Periodically download your Facebook data

Our final step doesn’t protect your account or your data, but it does let you keep a copy of it just in case you are ever hacked and lose access to your account. This has happened to many people, including one prominent family who was using a public Facebook page to share the story of their young son who was seriously injured by a falling tree and eventually passed in 2018. Not only has the family lost admin access to the page, Stacy Halstead has lost access to her personal account. That’s over 10 years of pictures, videos and memories she can no longer see.

Think of all the pictures, posts and other information you’ve posted to Facebook over the years. If there’s any of it you would want to keep, make sure you download it every so often, so you have it just in case. Use the instructions below to download the pieces you want to keep, and store the backup in a safe location.

Need Help?

Setting up all of this on your own can be daunting! If you’d like to see me walk through all of this step-by-step so you can follow along and set it up in your account, I’m offering a class on Thursday, October 27th from 11 am to 12:30 pm US Eastern. Sign up below!

If you’d rather receive personal, tailored guidance, feel free to set up a private consultation. You’ll leave with everything fully configured, having complete confidence your account is safe.

You May Also Like…

Why your emails are going to spam

Why your emails are going to spam

With instances of ransomware and phishing attempts on the rise over the past few years, email providers are becoming...


Submit a Comment

Your email address will not be published. Required fields are marked *