If you suspect that your Facebook account has been compromised, it is recommended to change your password immediately. If you use Facebook as a login to apps such as Spotify or Instagram make sure you change the logins. This will prevent the hacker from accessing these third-party services through your compromised Facebook profile.
A hacked Facebook account can provide hackers with an unending supply of personal information. Hackers can make use of this information for nefarious reasons, such as sending out spam messages to people or sending fake credit card offers. They may also use the hacked account to send spam messages to friends, or even share a status update on your timeline that includes your name (as as if you did it yourself).
One of the most common ways hackers get into an account is to exploit an error in Facebook’s application code. A flaw in the iOS Facebook application allows hackers to take over cookies, and then steal the “access token” of an iPhone user. These tokens that are digital keys, allow them complete control over the user’s Facebook Account, and any other websites they log into with their Facebook credentials.
Hackers may also gain access to an account by using brute force attacks. This method involves figuring out passwords, typically the most commonly used ones like 123456789 and 1234567890. Lastly, hackers can also gain access to an account by sifting through compromised credentials. There are numerous free tools that can be used to check for stolen data, including a popular site called HaveIBeenPwned.