If you have gotten complaints from friends about a phishing link or message which you sent to them, and you have no idea about it; chances are you are dealing with a hacked Facebook messenger account. If you are seeing sent messages already read when you have not accessed them, then your account could also have a second user. No point dwelling too much on the problem, lets talk about how to recover a hacked messenger account.
How to know if your messenger is hacked? In the best cases, the hacker sends phishing messages to your contacts and connections, and in the worse cases, sends explicit and offensive videos, or outrightly tries to defraud them or beg for money while posing as you. Once the contact has read the message, there might be no way to recall it, but before trying to recover a hacked messenger account, you should send a disclaimer message to your contacts via messenger and your Facebook post, alerting them to ignore any message they received from you on your messenger as it has been hacked.
Also note that if it is your friend’s messenger hacked, you need to be careful because you could be next in line. Some users have reported trying to open a video sent from a friend, without knowing that the friend's messenger had been hacked. A few days later, they also notice the same video sent to all their contacts.
How to recover a hacked messenger account if you cannot log in
In some cases of hacking, you will still have access to your Facebook account, but in other cases, you may not be able to log in due to “suspicious activity”.
If you are locked out of your account due to suspicious activity, you will be prompted to change your password. Ensure that you choose a secure password that you have never used for that account before.
Once you Change the Password and login, all hackers will be logged out.
To effectively change your password, you need access to the email address or the phone number you used to set up the account.
How to retrieve a hacked messenger account if you are logged in
If you are logged in, send the disclaimer message first and then try to figure out where the compromising login was done from.
- Click on Account at the top beside your profile picture
- Go to Settings and Privacy > Click on Settings > navigate to Security and Login and click on it.
- It will show you devices where you have logged in recently, and the location. This helps you to identify where the hacker is, what kind of device, he is using, and the IP address.
- Still under Settings, now navigate to General and click on it. This should show you your general account settings.
- Navigate to Username and click the Edit button beside it. Change your username. This heightens the security of your account immediately and sends the hacker out.
After doing this, you should also change the username in your messenger application.
Open your messenger > Tap on your profile picture at the top left of the app on your android phone > navigate to username
The username should have changed to reflect the new one but if it has not, then change it manually. Ensure that it is the same username you used in your Facebook account and be careful of the period (.) and underscore (_).
How to change your password and block the hacker
After changing the username, it is time to change your password in your Facebook account so that you can totally lock out the hacker.
- On a desktop or laptop, log into your Facebook account > Click on Account at the top beside your profile picture > Settings and Privacy > Settings > Security and Login
- On your Android phone, the steps differ. Open your Facebook app > tap on the three horizontal lines on the top right > Navigate downwards to Settings and Privacy > Tap on Settings > Security and Login
- Under Login, you will see Change Password > Click the Edit button beside it.
- In the dialogue box, Enter your current password, Enter your new password, confirm your new password in the third box.
- Save changes.
Another easy way to retrieve a hacked messenger account
- Try to log in > Type the Username > click on forgot password
- You will be asked if you want to recover the password, click Yes
- Facebook will send a link to the email address linked to that Facebook account.
- Open your email inbox > open the message and click on the password reset link > set New Password. Ensure that you use a new and secure password you have never used before.
How to activate the two-factor authentication
Whatever option you apply above, once you have successfully secured access to your Facebook account and your messenger, you should consider activating the two-factor authentication to secure your account against further breaches.
This should secure both your Facebook and your messenger accounts.
- On a desktop or laptop, log into your Facebook account > Click on Account at the top beside your profile picture > Settings and Privacy > Settings > Security and Login
- On your Android phone, the steps differ. Open your Facebook app > tap on the three horizontal lines on the top right > Navigate downwards to Settings and Privacy > Tap on Settings > Security and Login
- Navigate downwards to Two-factor authentication and tap on it to edit.
There are different options available here.
- If you have the Google Authenticator App on your Android phone, it is the recommended option. Click on it and follow the prompts to complete the setup.
- The second option is the Text message option. If you choose this option, any time there is a login attempt from a new device (which you have never used before), a verification code will be sent to this number via SMS. You should note however that any number used for this option cannot be used to reset your password if and when you have the need to do so anytime again. This means that you should have an active email address linked to your account for a password reset.
Note: If you do not start the recovery process on time, the hacker might change the mobile number linked to your account, and this makes it even more difficult to recover a hacked messenger account. In this case, you can visit www.facebook.com/hacked and follow the prompt to report the issue to Facebook.