Since you are reading this, I assume that your Ad account has been hacked (I hope I’m wrong though).
Do not worry. We can figure this out together.
It’s happened to me before – and I’ve had more than $3000 refunded.
We need to sort this out.
It’s not unheard of for business managers to suddenly run ads that are not to any page you own, and rack up a bit of money in ad spend. I’ve had a few people reach out to me about this issue.
The 1st thing is to check the settings – but also make sure to SCREENSHOT everything as proof and so you have that to show to Facebook.
Do not stress out if you seem to not be able to make changes. They may have gotten access to the account and actually added themselves under a name of someone who you find familiar because they copy the name. That’s how they go undetected.
Check the actual email address and you might find that it doesn’t seem to be a legit email.
Don’t worry though. I contacted Facebook Support and told them I was hacked, and showed them all the information and the ad spend was refunded.
Hopefully, some of these tips can help.
Here are what you can do when your Facebook Ad Account got hacked:
Kill the Ads Immediately
Go to your Ad Manager then turn off all ads running including your existing Ads as they might set up their trap inside your campaigns to blend into your Ad sets. Don’t turn it on until the issue has been resolved.
I know it’s hard to stay calm when this happens so make it a habit to visit your Ad account and know the quickest way to shut down your ads so when this happens, your mind will naturally know where to go.
The toggle switch lets you ‘on and off’ your Campaign and Ad Sets.
Change your password
Go to your Profile Setting and change your password immediately. When changing a password, you’ll be prompted to logout into all devices which you should confirm to make sure that the hacker will lose access to your account.
Call your bank and PayPal
Make sure to call your bank and/or PayPal immediately to inform them about the incident and block any transaction to prevent Facebook from charging you more.
In case you get charged before you realize it, you can still get your money back after reporting to Facebook and provide all the information they need for their investigation.
It will take time but I assure you, they will give back what you lost.
Report it on Facebook
You should inform Facebook as soon as possible by filling up this Unauthorized Charges form.
It usually takes 3-7 days before Facebook responds. But keep your patience high and make sure you provide all important details to prove the hacking such as Ad Account ID and screenshots.
Check your Facebook Ad account and see if there are suspicious people added to it.
As you know, you can add another person to manage your ad account so you can check if a profile you didn’t know was added by going to your Ad account setting.
In case you see a suspicious profile there, take a screenshot and include it in your report. Don’t forget to remove them afterward.
And if case you’re not sure if there’s an impostor on the people in your Ad manager, you may remove then re-add them.
When an Ad account is hacked, it is obvious that your actual Facebook profile has been hacked as well. Many Facebook Hackers target Ads accounts to give their business a boost.
Phishing and hacking are around the internet but there are things you can do to prevent them from takeover your account.
Here are what you can do to prevent being hacked:
Protect your Password
Use a strong password which usually contains at least one uppercase, lowercase, number, and special character, and should be at least 8 digits long.
As much as possible, do not log in to other devices or connect in public WIFI. If you use another device to log in, make sure to logout.
In case you forget, you can log out remotely at this link. On the “Where You’re Logged In” section, you can see the previous device you use. Click the three dots (…) then log out and you’ll be immediately logged out.
Never share your password with anyone. Though there are circumstances that you need to share your login information with someone else like your VA or team member, there are safer ways to do so. I personally use LastPass to share login credentials without giving the actual details.
Turn on the Security Login Alert by going to your Profile Security Settings.
Turing this on will keep you informed when your account was opened to ‘New Device’ and accessing your profile will only proceed once you confirm this activity using your phone, OTP sent to your mobile number, or verification code sent to your email.
Add Ad Spend limit
Add an Ad Spending limit on your Facebook Ad Manager to prevent unwanted charges and control your Ad expenses. This can lessen the damage in case you got hacked.
Limiting your ad spend stops all your currently running ads when reaching the threshold or the limit you set and will only reset on the following month.
Turn on notification to all Ad Account activities
Keeping yourself informed about everything happening to your ad will reduce the impact of the hacking. This gets annoying sometimes but getting notification from your Ad Account will keep you updated on your ad performance and take immediate action if necessary.
You may also install Facebook Ad Manager App on your phone to easily access your Ad Manager anytime, anywhere.
Lastly, make sure you share any important information only to trusted sites. Keep an eye on the website’s URL – it should have HTTPS. This means that data transfer on that website is secure. But as much as possible never share your bank information.
If you need help, you can drop a message on my Instagram at @presenceoptimization.
GET IN TOUCH – HELLO@JUNEAYE.COM