Facebook Hacked and Email or Phone Changed? Practical Recovery Steps

Plain-English recovery steps for a hacked Facebook account, especially when the email or phone number has been changed.

What to know first

Plain-English recovery steps for a hacked Facebook account, especially when the email or phone number has been changed.

What likely happened

When a Facebook account is hacked and the email or phone number is changed, the attacker may be trying to cut off normal recovery. They may also use the account to message friends, run scams, impersonate you, access connected pages, or damage reputation.

Do not assume the problem starts with Facebook. The attacker may have used a reused password, a compromised email account, a stolen session, a phishing page, or weak recovery settings.

What to try first

Start with Facebook's official hacked-account process. Use a trusted device and avoid random recovery services or people promising guaranteed account return.

Check your email for messages from Facebook about changes. Some platforms provide a limited-time way to reverse an email or password change from those alerts.

  • Use the official Facebook hacked account page.
  • Search your email for recent Facebook security notifications.
  • Try recovery from a device and location you used before.
  • Avoid paying strangers who promise guaranteed recovery.

Secure email account first

If the email account tied to Facebook is compromised, Facebook recovery will remain fragile. Secure the email account first: password, MFA, recovery paths, sessions, forwarding rules, filters, and connected apps.

If your email and Facebook reused the same password, assume other accounts may also be exposed. Use a password manager to replace reused passwords with unique ones.

Check password reuse and recovery paths

Social accounts often share recovery paths with email, phone numbers, cloud accounts, and old devices. Clean those up before assuming the attacker cannot return.

Review recovery email addresses, phone numbers, trusted devices, authenticator apps, backup codes, and connected Instagram or business pages.

Warn friends, followers, and page admins

If the account is sending suspicious messages, warn people using another trusted channel. Tell them not to click links, send money, buy gift cards, share codes, or accept payment-change requests from the compromised account.

If you manage business pages, ad accounts, groups, or creator channels, let other admins know. Review page roles and payment settings when you regain access.

For creators and public-facing people

For creators, streamers, athletes, executives, and public-facing local figures, social account takeover is not only inconvenient. It can affect reputation, business income, sponsorships, impersonation risk, and personal safety.

The work should include email security, account recovery paths, phone-number risk, manager or assistant access, privacy settings, impersonation reporting, and a plan for communicating with followers if something happens.

FAQ

Can anyone guarantee Facebook account recovery?

No. Be careful with anyone promising guaranteed recovery. Platform recovery depends on Facebook's process and the facts of the account.

Should I secure email before Facebook?

Yes. If email is the recovery path, securing email first can prevent the attacker from using the same route again.

Can 402InfoSec help creators or public figures?

Yes. 402InfoSec can help with digital security review, recovery-path cleanup, public-footprint observations, and practical hardening for high-trust or public-facing people.

Can you remove impersonation pages?

Removal cannot be guaranteed. 402InfoSec can help identify risk, improve account security, and guide practical reporting and preparation steps.

Sources and Notes

These references support the practical guidance above. They do not guarantee platform recovery, legal outcomes, or emergency response availability.

Need help applying this?

Start a lightweight conversation about the account, questionnaire, recovery path, or security decision in front of you.

Start a lightweight conversation