Every week, the Facebook group Les Pro du Web receives a panicked post from a community manager who has lost access to their Facebook account due to hacking. We discussed this issue with Bruno Desjardins, a marketing solutions consultant who has handled multiple crisis situations over the past year.
In recent years, Bruno Desjardins says he has helped more than fifty people regain access to their personal or professional accounts, some of which had thousands of followers.
“We rebuilt the City of Châteauguay’s page, which had 17,000 followers,” he explains. “The same situation happened with Parc Safari: the old page was ‘verified’ and had nearly 100,000 followers… But due to a single misplaced click, we had to rebuild a new page.”
The consultant emphasizes one key point: there is only one way to get your account hacked, and that is by granting a hacker administrator access.
“The main problem is behind the screen,” he insists. “People are bombarded with so many requests that they can no longer distinguish between real and fake ones. This usually happens when people try to understand a message they received in their inbox; they click on ‘learn more’ in the message instead of ‘complete security check’… Lowering your guard just once can have major consequences.”
According to him, Facebook hacks are on the rise. And the new hacking strategies are ruthless: hackers disconnect profiles from the account center, effectively locking the administrator out of their personal and business accounts. Bruno Desjardins says he has helped more than ten people in the last three months with similar hacks.
What to Do?
If you’ve been hacked, Facebook provides a form to report the incident and recover your account, but the process can be slow and complicated—especially if hackers have changed the primary information. If there’s any doubt, Facebook locks accounts, and it becomes your burden to prove ownership, which is no easy task. And what if you can’t recover your account?
“You’ll need to create a new account and notify your followers via other channels such as Instagram or email. If your Facebook Pixel was active, use it to reconnect with your audience through ads. Save your followers in advance with a CRM to minimize damage.”
Preventive Measures
There’s no magic solution, but here are a few reminders to reduce the chances of hacking or limit the damage:
- Enable two-factor authentication (2FA) using an app like Google Authenticator.
- Limit the number of administrators and regularly check access permissions.
- Export your follower list or sync it with a CRM.
- Avoid suspicious clicks in messages or emails.
Bruno Desjardins strongly advises never clicking on a link in an email or Facebook message unless you are 100% sure of its origin. He reminds users that Meta never communicates with users via Messenger. The platform only uses two official email extensions: @metamail.com or @facebookmail.com.
“Everything else is spam.”
