Facebook Account Hacked? A Practical Recovery Checklist (Independent Guidance, Australia)

Nick Guy

July 21, 2023


If your Facebook account has been hacked or taken over, the goal is to regain control using Facebook’s official recovery steps, and then secure your wider digital footprint (email, passwords, devices). This guide walks you through what to check first, what Facebook is likely to ask for, and how to reduce the chance of repeat compromise.

Independence notice: SafetyNet Cyber Security is an independent Australian cyber security business. We are not affiliated with, endorsed by, or authorised by Meta, Facebook, or Instagram. We provide third-party guidance to help you use official recovery and appeal processes. Meta makes the final decision on account access, and outcomes cannot be guaranteed.

Why Facebook takeovers are higher-risk than people expect

A hacked Facebook account can be used to:

  • message friends and family to request money or links,
  • run scams through Marketplace,
  • access connected Pages or Business assets,
  • attempt unauthorised ad spending (where applicable).

Treat it like an account security incident, not just a password reset.

The Australian Cyber Security Centre has reported high volumes of cybercrime reports in Australia in recent years. In 2022 alone, it reported an average of 164 cybercrime reports per day, with a significant number involving Facebook compromises.

Source: Australian Cyber Security Centre Cyber Threat Report

Step 1: Confirm it’s a takeover (common signs)

You may be dealing with a compromise if you notice:

  • password reset emails you didn’t request
  • email/phone number changed without you doing it
  • friends receiving unusual messages from “you”
  • new admins added to your Page (if you manage one)
  • unfamiliar posts, friend requests, or Marketplace activity
  • login alerts from unknown devices or locations

If friends report messages asking for money, tell them not to engage and to report the messages.

Step 2: Triage, what to do first (before deep recovery steps)

1) Check for a still-logged-in device

If Facebook is still logged in on any device or browser you trust, you may be able to:

  • change your password immediately,
  • remove unknown devices from account settings, and
  • update contact details.

Even one remaining session can be enough to regain control.

2) Secure your email account

Facebook recovery often relies on your email. If your email is compromised, recovery becomes much harder.

Minimum steps:

  • change your email password
  • enable two-factor authentication (2FA)
  • check forwarding rules and blocked sender lists so Facebook emails aren’t being filtered or redirected.

3) Avoid repeated “guessing” attempts

Too many rapid recovery attempts can lock you into loops. Go step-by-step and keep notes on what you tried and what changed.

Step 3: Use Facebook’s official recovery pathways

Option A: facebook.com/hacked

This is Facebook’s main guided recovery page. Follow the prompts to:

  • confirm suspicious activity,
  • reset your password (where possible),
  • and secure your account.

Option B: facebook.com/login/identify

If you can’t log in, use the identity lookup flow:

  • try email, phone, or username
  • if those fail, try your full name and approximate details
  • if you know it, use your profile URL (often faster than guessing usernames).

Tip: Use a device and browser you’ve previously used for Facebook, as familiar devices can sometimes reduce friction.

Verify your identity via Facebook's upload function.

Step 4: If your email/phone was changed

If the hacker changed your login details, you may be asked to:

  • confirm previous contact information,
  • confirm past passwords, and/or
  • complete identity checks.

In some cases, Facebook may request ID verification. If you reach an ID upload step, follow Facebook’s instructions carefully and keep your information consistent across submissions.

Important: If a recovery path asks you for details you no longer have access to, don’t improvise. Incorrect submissions can slow resolution.

Perform Facebook Security Checkup

Step 5: After recovery, secure your Facebook properly

Once you regain access:

  • set a new, strong password (unique to Facebook)
  • enable 2FA (authenticator app preferred)
  • review logged-in devices and remove anything unknown
  • review email/phone and remove anything you didn’t add
  • check connected apps and remove anything you don’t recognise
  • if you manage a Page, review Page roles/admins and remove unknown access

If your account was used to scam others, post a brief warning to contacts and advise them not to send money or click links.

Need help navigating the recovery steps?

SafetyNet Cyber Security provides paid, independent guidance for:

  • Hacked Facebook account recovery
  • Disabled Facebook account recovery

We guide you through Meta’s official recovery and appeal steps and help you secure your accounts afterwards. We do not bypass security, impersonate Meta, or claim “inside access”. Meta makes the final decision on account outcomes and outcomes cannot be guaranteed.

Contact SafetyNet Cyber Security
Phone: 0434 791 357 (Nick)
Email: nick@safetynetcyber.com.au


Or complete our enquiry form and tell us what you are seeing on-screen.
