Don’t let Criminals steal your Facebook Business (other platforms are available)

Facebook has been with us for almost two decades and over this time it has opened up the world like almost no other platform. As well as bringing together friends and family, it has also allowed smaller businesses to operate online cheaply and effectively. It is really good at allowing businesses to build their brand and to then monetise their ideas.

Unfortunately, cyber criminals also see the Facebook community as an opportunity to make money themselves from our region’s businesses. Whilst the methods that criminals use to hack Facebook accounts are many and varied, the impact can be devastating and can often lead to a permanently lost account.

40% of businesses in our region reported that they had suffered a cyber-attack in 2022. That number actually goes up for sole traders and micros! The sad fact of the matter is that small is not safe – in the past 2 weeks the ECRC has been made aware of several small businesses in the region that have had their Facebook accounts hacked and lost access to their accounts.

One of the businesses lost several thousand pounds, but both lost access to their customer database (essentially their Facebook followers), which means that they will have to start from scratch to rebuild their business following. Just as importantly, all of their existing followers will be unaware of the hack and vulnerable to approaches from the same criminals, posing as the business.

How to reduce the chance of getting hacked

Gavin Saunders, Essex Police Cyber Protect Officer, has worked with victims of Facebook hacks for several years and has a lot of experience in dealing with these types of issues. As always, prevention is better than cure, and he advises that all social media users follow the guidance below to help protect themselves online.

1. Don’t click on any suspicious links. Short links or sensational-sounding videos are red flags for scam posts, according to the Better Business Bureau.

2. If you receive a notification that your account might be deleted or was hacked, log in directly through your browser rather than through the link provided in the message or email.

3. Review your account’s privacy settings regularly and adjust them to protect your information from people who are not connected to you. We also recommend reading Facebook’s privacy policies and terms and conditions to understand how your information and data are being used.

4. Create a strong, unique password and set up two-factor authentication on your account. Don’t share the authentication code with anyone.

5. If you receive an odd or unusual message from a friend through Facebook, get in touch with them outside of Facebook to confirm that the message is real.

6. Be on the lookout for strange typos or wording, which can signal that the sender may not actually be who they say they are.

7. Never share personal information like your social security number or credit card info through Facebook Messenger or any other Facebook platforms.

8. Delete friend requests from people you don’t know.

9. If you are hacked, then go to Facebook and follow their guidance – but remember – you may never get your account back so do not rely on this to get you out of trouble.

Back up your contacts today and get back up and running following a hack.

As discussed above, if you lose your account then you lose your followers, or customer list. From our experience you will rarely, if ever, get access to this again – so our advice is to back up your Facebook data and keep it offline.

There are a couple of easy ways to start this process:

  1. FB helpfully produce a guide on their own website

  2. If you have an Android phone, you can also do it this way:

    • Download and install the Facebook app on your Android device from the Google Play Store. The Facebook app is necessary to sync your contacts with Android.

    • After installing Facebook, go to your Android device settings by tapping on the Settings icon on the home screen.

    • Once you are in Settings, scroll through the menu and search for the “Accounts & Sync” option. Then tap on it to go to the Accounts and Sync settings. Note: On some devices, this option is named “Users & Accounts” or just “Accounts”. Just tap on it and follow the next instructions.

    • On the Accounts & Sync page, scroll down to the bottom and then click on the “Add account” button.

    • Select the Facebook option from the list, enter your Facebook email address and password, and tap Login to add your Facebook account to the account list on your Android device.

    • Now, check the “Sync Contacts” option and then tap on the “Sync Now” button to sync your Facebook contacts with Android.

If you keep a copy of your customer list, this will hugely reduce the impact on your business, as you can quickly set up another account, download your customers and let them know you’ve been hacked, protecting them and giving you a fighting chance to keep your business alive.

Further guidance & support

You can contact the Cyber Resilience Centre for guidance and support through our e-mail or use our online booking system to make an appointment with one of our team.

Take a look at our affordable services packages, provided by university students and designed to help you root out cyber vulnerabilities and upskill your staff with the knowledge and skills they need to reduce the risk of your business becoming another victim of cybercrime.

We recommend that all businesses in the Eastern region consider joining our growing community as a free member. Core members receive regular updates which include the latest guidance, news, and security updates. Our core membership has been tailored for businesses and charities of all sizes who are based across the seven counties in the East of England.

The ECRC is a policing-led, not for profit, membership organisation, with the aim to increase the cyber resilience within small and medium businesses within the East of England (Hertfordshire, Bedfordshire, Cambridgeshire, Norfolk, Suffolk, Essex, and Kent).

Reporting Cyber Crime

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to or report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).

Policing led - business focussed.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.
