What to do if your Facebook page gets hacked

George PhotiosIn light of the recent Facebook hacking of the UNSW brand page, George Photios outlines what to do if your page gets hacked and how you can prevent it from occurring. 

The attack on UNSW’s Facebook page over the weekend, presumably timed to coincide with its Open Day, is just the latest in a spate of cyber attacks on the world’s biggest social media platform.

While it may seem out of your control once your page has been hacked, there are a few things you need to do to restore the service and some simple things to reduce the risk of it happening in the first place.

Hackers get into a Facebook page through one of its administrators, not usually by hacking into Facebook directly. A page administrator likely clicked a bogus email link and typed in their password, which is then sent to the hackers.

These dodgy links can also be sent via Facebook private message that purport to be from Facebook claiming that its terms have been violated. If you click the link (to verify your page), it will then prompt you to enter your username and password again. If you ever feel like you’ve done something like this, it’s probably a good time to change your password.

Once hackers have gained access to your account the first thing they do is change any other administrators access rights, keeping themselves as the sole administrator of the account. Essentially, they’ve locked you out of the account.

From there, they’ll start posting to the page. Posts usually start relatively harmlessly but then can move on to be more graphic, as in the case of UNSW, or sinister posts throughout the hacking period.

The reality is that once your page has been hacked there is very little you can do directly. The first thing is contact your Facebook account manager (if you have one) and tell them what’s happened. They then submit the request to Facebook’s support office in the United States where it can rectified.

If you don’t have an account manager, contact a social media agency that does and see if they can help.

Most social media users are savvy enough to realise that the account has been hacked, so don’t stress. Post about it on other social networks (as UNSW did) and tell your followers that you’re working to have it resolved as soon as possible.

Once Facebook has received your request, they’ll reinstate you as an administrator, but won’t necessarily remove the hacker as an admin of the page. So, the first thing to do is to go into your page’s admin roles and remove any admins you don’t remember adding.

It is also vital that all Facebook admins change their Facebook password. It is likely UNSW didn’t change the admins or passwords after its first attack on Saturday, which is why they lost control of their pages again the following day.

Once your page gets hacked, there’s nothing you can really do but wait for Facebook to react.

However, if you change your passwords frequently, don’t click any suspicious links (never type your login details into a link emailed to you), keep on top of who is administrating your page, and don’t forget to log out of your computer, you can reduce the risk of your Facebook page coming under attack.

  • George Photios is managing director at digital marketing agency G Squared

Get the latest media and marketing industry news (and views) direct to your inbox.

Sign up to the free Mumbrella newsletter now.



Sign up to our free daily update to get the latest in media and marketing.