If you suspect that your Facebook account has been compromised, it is recommended to change your password immediately. Then, if you use Facebook to log in to apps like Spotify or Instagram change your logins too. This will prevent the hacker from gaining access to these third-party services via your hacked Facebook account.
Hackers can find many personal details in compromised Facebook accounts. Hackers could utilize this information for fraudulent reasons, like taking credit card numbers and spamming people with fake credit card offers or frauds involving phishing. Hackers can also use hacked accounts to send spam messages or to post on your timeline (as the case were you who made the mistake).
Hackers are more likely to gain access to accounts through exploiting a weakness in the Facebook application’s code. For instance, a flaw in iOS’s Facebook app allowed hackers to steal cookies and take the iPhone user’s “access token.” These tokens are digital keys which grant them full control of the user’s Facebook account, and through Single Sign-On, other websites the person logs into with their Facebook credentials.
Hackers may also gain access to accounts using brute-force attacks. This technique involves guessing the password, which is usually the most frequently used ones, such as 123456789 and 1234567890. Additionally, hackers can gain access to accounts by scanning for compromised credentials. There are numerous free tools that can be used for scanning for stolen data, including a popular website called HaveIBeenPwned.