There are many ways for hackers and scammers to use your Facebook account to do malicious things, and make it appear that YOU are the culprit.
Most hackers simply find a way to break into your account and use it to publish SPAM posts and malicious links or spread malware to your friends via chat or instant messages.
Luckily, those hackers and scammers can be easily kicked off and locked out of your account by changing your password and enabling Two-Factor Authentication, but the truly devious miscreants can cause you all kinds of grief long after you’ve booted them off and locked them out of your account.
Yes, the really serious hackers can actually keep using your account to send SPAM and spread malware even without being able to log back in to your account.
And how they do that just might surprise you…
First, the hacker either uses social engineering to trick you into revealing your password or attacks your account with a brute-force login bot to guess it.
Once the hacker has successfully logged into your account he can do anything that you can do with it, including post the aforementioned SPAM posts or spread malware to other Facebook users.
But there’s something else he can do that’s even more dangerous: He can enable malicious apps on your account that will automatically publish more malicious posts or spread malware in your name, and the hacker will never even have to log back into your account again
What’s more, unless you know what to look for you’ll have a very hard time figuring out what’s going on!
Luckily, you can easily protect your Facebook account (and yourself) from these back door hacking attacks by following the steps below:
1 – As mentioned above, change your password to something that’s easy to remember, yet virtually impossible to guess.
2 – Enable Two-Factor Authentication on your account.
Those two steps will lock the hackers out of your account for good.
Now, all of the above being said, did you know your Facebook account could be running malicious apps right now even if your account has never been hacked?
Truth be told, a high percentage of the malicious apps that are currently wreaking havoc on millions of Facebook accounts weren’t enabled by hackers at all. They were actually enabled by the account owner!
What often happens is a user will enable a legitimate app that isn’t malicious in any way, but then at some point the app is sold to a third party who alters the app to make it do malicious things.
Hackers also break into legitimate apps and alter them without the app developer’s knowledge or permission, causing every Facebook user who has that app enabled on their account to now be running a malicious app!
Regardless of how malicious apps ended up being enabled on your account, it’s extremely important that you track them down and remove them. Chances are you have one or more of them running on your own account at this very minute.
Luckily, it’s very easy to find and remove malicious apps from your Facebook account. Just follow the steps below for the device you use to access Facebook.
Follow these steps if you’re using the desktop version of Facebook on a computer:
1 – Log into your Facebook account.
2 – Click on your tiny profile picture avatar at the right side of the Menu bar located near the top of the Facebook window.
3 – Click Settings & Privacy and then click Settings.
4 – Click the Apps and Websites link over in the left-hand column. You should now see all the apps that are enabled on your Facebook account.
5 – Remove any and all apps that you don’t use and/or don’t remember enabling.
6 – (Optional) If you don’t use any apps at all (including games) you can disable ALL apps from being able to run at all on your account by clicking the Edit button under “Apps, Websites and Games” and then clicking Turn Off.
Note: If you click Turn Off you won’t be able to run any apps or play any games while you’re logged into this Facebook account. And yes, that’s what you want unless you do want to use a particular app or play a game.
That’s all there is to disabling unused and unfamiliar Facebook apps using a computer.
If you use the Facebook app on a mobile device, follow these steps instead:
1 – Log into the Facebook app.
2 – Tap the Menu icon (it looks like three horizontal lines stacked atop one another).
3 – Scroll down and tap Settings & Privacy.
4 – Tap Settings.
5 – Scroll down and tap Apps and Websites.
6 – Tap Logged in with Facebook. You should now see all the apps that are enabled on your Facebook account.
7 – Remove any and all apps that you don’t use and/or don’t remember enabling.
8 – (Optional) As mentioned in step 6 of the Desktop procedure listed above, you can Turn Off the setting under Apps, Websites and Games to prevent ANY apps, games and plugins from running on this account, and I recommend that you do so if you don’t plan to use any of them.
That’s all there is to removing unused and unfamiliar apps using the Facebook app on a mobile device.
Bottom line: Kicking hackers out of your account and preventing them from logging back in again is a great start at regaining control of your Facebook account, but you need to make sure you disable any rogue apps they might have installed as well.