If you suspect that your Facebook account has been compromised, change your password immediately. Then, if you use Facebook to log in to apps such as Spotify or Instagram, make sure you change those logins as well. This will stop the hacker from accessing these services through your hacked Facebook profile.
Hackers can find many personal details in compromised Facebook accounts. They could use this information for malicious purposes, like stealing credit card numbers and bombarding people with fake credit card offers or scams that involve phishing. They could also use the hacked account to send spammy messages to friends, or even publish on your timeline using your name (as if you had done it yourself).
Hackers are most likely to gain access to accounts by exploiting a flaw within the Facebook app code. A bug in the iOS Facebook app allows hackers to steal cookies and the "access token" of an iPhone user. These tokens, which are digital keys, give them full control over the user's Facebook account, as well as any other websites the user visits using their Facebook credentials.
Hackers can also gain access to an account by using brute force attacks. This method involves guessing a password, often by trying the most frequently used ones, such as 123456789 or 1234567890. Hackers can also gain account access by scanning compromised credentials. There are several free tools that can be used to check for stolen information, including the popular website HaveIBeenPwned.
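An added example (not from the original article): a defender-side check that rejects passwords such as the two named above by looking them up in a breached-password set without sending the password itself. It assumes the k-anonymity range lookup of HaveIBeenPwned's Pwned Passwords service (SHA-1 prefix in, `SUFFIX:COUNT` lines back), which the article does not describe; the offline service stand-in, the counts and all function names are constructed for the example.

```python
import hashlib

# Constructed sample data: the two passwords the article names, with made-up counts.
CONSTRUCTED_BREACHED = {"123456789": 4200, "1234567890": 1700}

def split_hash(password):
    """Return (5-char prefix, 35-char suffix) of the uppercase SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def parse_range(body):
    """Parse 'SUFFIX:COUNT' lines into a dict, skipping malformed lines."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if sep and len(suffix) == 35 and count.isdigit():
            counts[suffix.upper()] = int(count)
    return counts

def breach_count(password, fetch_range):
    """Times the password appears in the breach set (0 if absent)."""
    prefix, suffix = split_hash(password)
    # Only the 5-character prefix leaves the client; the match is done locally.
    return parse_range(fetch_range(prefix)).get(suffix, 0)

def make_constructed_service(breached, seen_prefixes):
    """Offline stand-in for the range endpoint, built from constructed data."""
    table = {}
    for pw, count in breached.items():
        prefix, suffix = split_hash(pw)
        table.setdefault(prefix, []).append(f"{suffix}:{count}")
    def fetch_range(prefix):
        seen_prefixes.append(prefix)      # everything the service ever learns
        decoy = "0" * 35 + ":3"           # constructed unrelated entry
        return "\r\n".join(table.get(prefix, []) + [decoy, "garbage line"])
    return fetch_range

SEEN = []
fetch_constructed = make_constructed_service(CONSTRUCTED_BREACHED, SEEN)

if __name__ == "__main__":
    for candidate in ["123456789", "1234567890", "violet-Kettle-91-harbour"]:
        n = breach_count(candidate, fetch_constructed)
        print(f"{candidate!r}: {'reject, seen %d times' % n if n else 'not in breach set'}")
    print("prefixes sent:", SEEN)
```

In a real deployment `fetch_range` would be replaced by an HTTPS request to the range endpoint, and the check would run at password-change time so that commonly guessed passwords are refused before they are set.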