Facebook account takeover

The Identity Theft Resource Center is known for helping victims of identity theft and other related crimes, including internet takeover. As the name implies, this is a form of targeted cybercrime in which someone gains access to one or more of your internet accounts and uses them fraudulently while pretending to be you.

Your mind might immediately go to your email account, your online banking site, or your credit card’s website, and those are definitely viable concerns. But there’s a whole other world of harm that a criminal can do with your internet accounts, especially your social media accounts.

“What? My Facebook account? Who would want to pretend to be me on Facebook?”

The truth is a lot of people. And they can do some serious harm with your social media accounts if you’re not careful.

A lot of internet users don’t realize how much of their online activity is actually routed through Facebook and other platforms, but anytime you’ve ever registered for a website or signed in through a button that says Facebook, you’re granting that connection. A hacker who takes over your Facebook account can easily navigate to other online accounts that you’ve chosen to connect.

Most often people will realize that once their account has been hacked they will have spam links posted on their wall or in messages to their friends. These links can lead to the infection of anyone’s phone or computer who clicks on them.  Malware can include keylogging or spyware which could lead to identity theft. Other hackers will message friends and family of the Facebook hackee claiming that the individual is in trouble and needs money. Still, others have had their accounts taken over and had hackers hold accounts hostage demanding a ransom payment to keep them from posting damaging material or in exchange for returning control of your account to you.

So what do you do if your social media account is hacked? Facebook and other sites have steps you can take through their help pages (Facebook’s can be found here).  Basically, you can start the process by requesting a new password and going from there to identify Facebook friends through images or using your “trusted contacts”.

One of the better options is to be sure you’re preventing problems before they arise with a few simple steps. First, make sure you’re using strong, unique passwords on all of your internet accounts. Also, make sure you treat your social media accounts just as carefully as you would your online banking account; you’d never walk away from a computer with your online banking still logged in or use “password1” as your online banking password (right?!), so be just as careful with your social media accounts. Finally, make sure you’re not accepting friend requests from people you have no actual connection to, even if it’s just a few mutual friends. Safeguard your accounts and be watchful for any suspicious activity; if you do see something strange—like a sudden flood of friend requests you don’t know or a message from someone that questions a weird post you supposedly put up—change your password immediately.

If you need help, contact the ITRC for free at 888.400.5530.

How much information are you putting out there? It’s probably too much. We are here to help you stop sharing Too Much Information. Sign up for the TMI Weekly.