The first thing you should do if you suspect that your Facebook account has been compromised is to change your password. If you use Facebook as a login for apps such as Spotify or Instagram then change the logins. This will prevent hackers from gaining access to these third-party services via your hacked Facebook account.
Hackers can find a wealth of personal information in hacked Facebook accounts. Hackers could make use of this information for nefarious motives, like sending spam to people or sending fake credit card offers. Hackers may also use compromised accounts to send spammy messages or post on your timeline (as in the event that it was you who was responsible).
Hackers are more likely to gain access to accounts through exploiting a weakness in the Facebook app’s code. For instance, a vulnerability in iOS’s Facebook application allowed hackers to hack cookies and get an iPhone user’s so-called “access token.” These tokens are digital keys that grant the user full control over the user’s Facebook account — and because of Single Sign-On, other websites that the user is logged into using their Facebook credentials.
Hackers can also gain access to accounts by using brute-force attacks. This method do free antivirus really work involves figuring out passwords, typically the most common ones like 123456789 and 1234567890. Also, hackers may gain access to accounts by sifting through compromised credentials. There are several tools for free that can be used to scan for stolen information, such as the popular website called HaveIBeenPwned.