Dear Kim,
Recently, my personal Facebook account was hacked, resulting in changes to my login credentials, along with the email and phone number associated with the account. I’m locked out of my profile.
Over the past 16 years, my Facebook account has become a digital scrapbook of cherished memories, a repository of moments shared with friends and family.
It has also served as a vital link to numerous contacts, both personal and professional, playing a significant role in my daily communications and connections.
This situation has left me feeling helpless and cut off from a significant part of my digital life.
I’m writing to seek your advice on how to proceed with recovering my Facebook account.
Thank you for considering my predicament. Your expertise in these matters is unparalleled, and any assistance you could provide would be of tremendous help.
— Benjamin in Huntsville, Alabama
Dear Kim: Recently, my personal Facebook account was hacked, resulting in changes to my login credentials, along with the email and phone number associated with the account. I’m locked out of my profile
Hi Benjamin,
First, you’re not alone in falling victim to a Facebook account hijacking.
Facebook is a big target for hackers and scammers. Think about this: Facebook has 2.989 billion monthly active users worldwide. In other words, about 37.2 percent of the global population uses Facebook every month.
Your first step: Go to Facebook.com/Hacked and alert Facebook that your account has been compromised.
You’ll need to enter your email address or phone number associated with the account.
Be sure to give every bit of info they ask for. The point here is to prove that you are you, the rightful owner of the account.
Radio show host Kim Komando offers advice to help people navigate the world of technology
Next, contact your friends. You’ll have to do this outside of Facebook, of course. Tell them your account was hacked and ask them to do you a huge favor.
You want them to also report to Facebook that your account was hacked.
They can do this by going to your profile, then select More or three-dot menu and then Find support or report a profile.
The whole idea here is the higher the number of reports that Facebook is getting, the better chance you have of getting back in.
You might be tempted by the online ads claiming that they can get your Facebook account credentials back – that’s a scam, so don’t fall for it.
Once you’ve reported your Facebook account was compromised, it’s a waiting game.
It could take weeks or months to hear back. In the meantime, open a new Facebook account and lock down all your other social media accounts. Each one needs its own unique password, and set up two-factor authentication anywhere you can.
Hi Kim,
My wife went on a trip to South America. She was standing on the street and pulled out her phone to find directions when a kid on a bike zoomed by and grabbed the phone right out of her hand.
She screamed (pretty loud!) but obviously didn’t get the phone back.
I called the service provider right away and they blacklisted the phone.
They said the phone is inoperative now, but we’re seeing strange activity because of all the apps and connected accounts.
What the heck do I do? I want to help her so she can enjoy her trip! I did file a police report, by the way.
— David in St. Louis, Missouri
Dear David,
You’re a good husband to write to me‚ and you were smart to call the service provider.
Unfortunately, there’s lots left to take care of. Just think about it for a second: So much of our digital lives are tied up in our phones. They’re worth a lot more than the cost of a replacement.
The kicker here, of course, is that your wife’s phone was unlocked because this jerk grabbed it while in use. That was definitely not an accident, by the way. More on that below. Travel insurance might cover the cost of stolen electronics, by the way.
Dear Kim: My wife went on a trip to South America. She was standing on the street and pulled out her phone to find directions when a kid on a bike zoomed by and grabbed the phone right out of her hand.
Here’s a to-do list. Quick? No, sorry — but these steps are necessary. Don’t worry, I’ll include directions for everything, too.
● Wipe the phone’s data remotely if possible.
● Call your bank and any other connected financial account and tell them about the theft.
● Change every single password that was connected to the phone — starting with her Google account and email.
● Swap the two-factor authentication number associated with her accounts.
● Set up a credit freeze.
● Consider a burner phone for the next trip.
Let’s get into the details
It’s great that you can wipe everything off a newer iPhone or Android remotely. The caveat is you have to set this up ahead of time, before you need to do it.
Turn on Find My for an iPhone
● Go to Settings > [your name] > Find My.
● Consider whether you want friends and family to know where you are. If so, turn on Share My Location.
● Tap Find My iPhone, then turn on Find My iPhone.
● To see your device even when it’s offline, turn on Find My network.
● To have the location of your device sent to Apple when the battery is low, turn on Send Last Location.
Turn on Find My Device for Android
● Go to Settings > Security > Find My Device. Or try Security & location or Google > Security.
● Make sure Find My Device is turned on.
While you’re in the settings, take a minute to document your phone’s fingerprint. Like any product, your phone has a serial number.
It also has an IMEI (International Mobile Equipment Identity). While the serial number comes from the manufacturer, IMEI numbers are standard across the industry.
Keep a record of these numbers in case you have to report your phone is stolen or missing.
When you find your phone’s IMEI number, take a screenshot of it.
Then, save that screenshot somewhere you can access it when needed. I keep mine in my photo cloud storage account. You can also print and store it in the phone’s original box or another handy offline place.
● iPhone: Go to Settings > General > About.
● Android: Go to Settings > About phone.
If you had Find My set up ahead of time …
When the phone is well and truly lost, you should remotely wipe the data stored on it to make sure no one else has access to it. This step is a last resort, and be prepared to lose data that was only synced to the phone and not the cloud.
Remotely erase your iPhone
● From another Apple device, open the Find My app and tap Devices, then tap your phone.
○ Tap Erase This Device to remotely wipe its data.
● Or sign in to iCloud.com/find and go to the Find iPhone feature.
○ Select your lost phone, then select Erase iPhone.
● Use a family member’s device to erase your phone if Family Sharing is enabled. You’ll see it listed in their Find My app.
Remotely erase your Android phone
● From another Android device, open Find My Device app and tap Continue as [your name]. Select your lost phone, and you’ll get information on its location.
○ When prompted, select Enable lock & erase.
○ Select Erase device to wipe its data.
● Or go to android.com/find and sign in to your Google account. Select your lost phone, and you’ll get information on its location.
○ When prompted, select Enable lock & erase.
○ Select Erase device to wipe its data.
It sounds like, sadly, your wife didn’t have this set up in advance, David. That’s why resetting all those passwords and 2FA settings comes in.
Her best bet is to set up Google Authenticator on her new phone. This way, she can get 2FA codes in that app and not via text message. It’s safer than relying on SMS. I have a full primer here if you need help setting that up.