One minute you’re scrolling through family photos, and the next you’re locked out.
Even worse, the hacker is now accessing your personal information, messaging your friends for money or making posts under your account to scam those who trust you.
Money Talks News reader Susan M. became concerned about this possibility after reading my article about my own brush with a social media fraudster, “I Almost Fell for This Facebook Scam: 5 Red Flags You Should Know Too.” So Susan wrote in:
“This was such a good article and left me wondering — how can one keep their Facebook account from being hacked or taken over?”
Getting hacked is a scary thought. To find out how to prevent it, Money Talks News reached out to Eva Velasquez, CEO of the Identity Theft Resource Center, a nonprofit devoted to helping victims of and educating the public about identity theft, fraud and scams.
Here are the top ways to secure your account, ranked by Velasquez:
Good: Establish a strong password baseline. The foundation of security is a strong, unique password that isn’t used for other accounts.
Better: Enable multifactor authentication. A password alone isn’t enough. You need a second lock. Multifactor authentication (MFA) requires two things to log in: something you know (your password) and something you have (such as your phone or email). Velasquez advises enabling MFA immediately. When you get an MFA code, she says, “Never share it. Period.”
Best: Upgrade to passkeys. If you want the highest level of security, Velasquez recommends enabling passkeys, which replace passwords entirely. Instead of typing a code, you use the biometric security you might already use to unlock your phone, like your fingerprint or Face ID.
Additional tips for securing your social media accounts, from Velasquez and other experts, include:
Remove linked accounts: Over the years, you’ve probably used your Facebook login to sign up for dozens of quizzes, games and apps. These connections create backdoors into your account. Velasquez says that you should audit these third-party apps regularly. Go to your Facebook Account Center settings and remove any apps you do not recognize or no longer use.
Adopt a skeptic’s mindset: Technical tools are great, but your brain is better. “Adopting a more skeptical mindset whenever you engage with anyone on social media will also help,” Velasquez says. “Regardless of how legitimate the ask sounds, it’s not.”
Keep software updated: Criminals often exploit weak points in older software to gain access to your device. Software updates often include security patches, so staying up to date is a great way to keep scammers out, as noted by the FBI.
Avoid public Wi-Fi for logins: The FBI urges against using public Wi-Fi networks (like those at coffee shops or airports) for any sensitive activities, such as making a purchase or logging into personal accounts. If you log in to a social media account while using public Wi-Fi, a hacker nearby could intercept your information. If you have a personal hotspot, use that instead.
Provide fake answers for your security questions: When setting up account security, treat security questions like passwords. If a site asks for your mother’s maiden name or high school mascot, don’t give the real answer — hackers can easily find that information in public records. Use a random but memorable phrase instead. Also, the Federal Trade Commission advises that you skip questions with limited or guessable answers, like the color of your first car.