Theo thống kê từ Meta, mỗi ngày có hàng nghìn tài khoản quảng cáo bị tấn công, đặc biệt là các tài khoản liên kết với nhiều trang Fanpage hoặc phương thức thanh toán có hạn mức cao. Nguyên nhân có thể đến từ thói quen bảo mật kém, bị lừa đảo qua email giả mạo, hoặc cài đặt ứng dụng bên thứ ba không rõ nguồn gốc. Vậy làm thế nào để nhận biết, xử lý và phòng tránh tình trạng tài khoản quảng cáo Facebook bị hack? Cùng theo dõi bài viết này của SOC LUA !
Causes of an FB hacked ad account
Using weak or repeated passwords
One of the most common reasons for an FB hacked ad account is using simple, easy-to-guess passwords or the same password across multiple platforms. Once hackers obtain a password from one site, they can use it to access your Facebook Business or ad account.
Logging in on unsafe devices or networks
Logging into your account on public devices, free Wi-Fi, or someone else’s computer can expose your login data to theft. Keyloggers or malicious software can record your username and password without you knowing.
Phishing via fake emails, messages, or links
Hackers often send fake Meta emails or messages claiming your ad account has been locked or requires verification. When you click the link and log in, your information is stolen. This form of phishing is extremely common today.
Granting permissions to suspicious apps or users
Many users unknowingly grant admin or advertiser rights to unknown accounts within their Business Manager. Once hackers have access, they can change payment details, create campaigns, and spend your ad budget without your knowledge.
Warning signs your FB ad account has been hacked
Strange campaigns or abnormal spending
If you notice ad campaigns you didn’t create, sudden budget increases, or ads running in unfamiliar markets, your account might have been compromised. In particular, if your payment method is being charged for campaigns you didn’t run, act immediately.
Loss of access to Business Manager or Fanpage
A more severe sign is losing access to your Business Manager or Fanpage. Hackers may have changed your role or removed you from the admin list, resulting in complete loss of control.
Changes to login or security information
If your email, phone number, or security details are changed without your action, that’s a clear sign your FB ad account has been hacked.
How to fix a hacked FB ad account?
Immediately change passwords and log out of all devices
The first step is to change your password for Facebook and all linked accounts, including email and Business Manager. Then, go to “Security and Login” to log out from all other devices to prevent further unauthorized access.
Report the hacked account to Meta
Access this link: https://www.facebook.com/hacked and follow the instructions to report it. Meta will help you recover access, verify your identity, and secure your account against unauthorized activity.
If you manage a business ad account, contact Facebook Business Support directly for priority assistance. Provide evidence of ownership such as invoices, business ID, or payment information.
Remove suspicious access and review payment methods
Go to your Ad Account Settings and review the user list and permissions. Remove any unfamiliar users immediately. Also, check your payment methods to ensure no unauthorized cards or bank accounts have been added.
Scan your device for malware
If you suspect your device is infected with spyware, use trusted antivirus software such as Kaspersky, Bitdefender, or Windows Defender to scan your entire system. Hackers may install malware to continue monitoring your login activities.
How to prevent your FB ad account from being hacked
Enable two-factor authentication (2FA)
This is the most important security step. When you enable 2FA, you must enter a verification code sent to your phone or authenticator app every time you log in. This blocks hackers even if they know your password.
Limit access in Business Manager
Only grant access to essential users. Assign roles appropriately and avoid giving admin rights to everyone. Regularly check your user list and remove inactive accounts.
Avoid clicking suspicious links or fake emails
Facebook will never ask for your password via email or message. If you receive a suspicious alert, verify the sender’s address (it must be from @facebook.com or @meta.com) before taking any action.
Use a password manager and change passwords regularly
Use password managers like 1Password, Bitwarden, or Google Password Manager to generate and store strong passwords. Changing passwords regularly reduces the risk of long-term compromise.
Monitor ad spending frequently
Check your ad reports daily to detect unusual spending early. If you see a sudden increase or mismatched targeting, pause campaigns immediately to prevent further loss.
When should you create a new FB ad account?
In severe cases, recovering your old account may no longer be safe. If hackers have gained deep access or Meta cannot verify ownership, you should create a new FB ad account and only use secure payment methods.
However, make sure you have:
- Removed all previous access
- Updated security information for your email, phone number, and Business Manager.
- Enabled two-factor authentication for all admins.
This helps you restart safely and avoid repeating past mistakes.
An FB hacked ad account is one of the biggest risks for anyone investing in digital marketing. A single moment of carelessness could cost you thousands and lead to a total loss of control over your brand. Improving security awareness, monitoring ad activity proactively, and implementing preventive measures like two-factor authentication and access control will help you avoid serious damage.
Frequently Asked Questions
Yes. Once hackers gain access to your ad account, they can create campaigns and use your payment methods. That’s why you should check and remove payment methods immediately when suspicious activity occurs.
Always enable two-factor authentication, use strong passwords, avoid clicking strange links, and regularly review permissions in Business Manager. These are the most effective steps to protect your account from attacks.
