I recently had the unpleasant experience of discovering that someone had hacked my facebook advertisers account and set up an ad to spend £1200 per day! Here’s what I did about it, and the response I got back from Facebook.

It’s your worst online nightmare. Someone with bad intentions getting into your accounts.

I’ve been online since the beginning of time (OK, about ’96) and to be fair, this is the first time anything like this has happened to me. It feels truly horrible.

In the immediate aftermath of dealing with it as best as I could, I looked to the Web for stories about hacked facebook accounts, looking for reassurance that my case would probably be resolved.

Scarily, it was difficult to find much! There was one thread on a community forum inside facebook where someone had posed a similar question, but the lack of response was worrying…

So I decided to write up my experience in the hope that if it’s just happened to you, and your Facebook ads account has just been hacked, you might find this post and be reassured. I’ll also include some tips from any “lessons learned” along the way.

My Facebook Ads account got hacked

I’m not a huge facebook advertiser. My entire history is limited to a handful of campaigns, and only ever spending small amounts (less than £20). Just dabbling, really.

At the time my ads account got hacked, I had no ads of my own running, and the last one I ran was about three weeks prior.

The first sign my fb ads account had been hacked

I received an email from PayPal informing me that Facebook had taken payment for the sum of about £22. This was late Friday afternoon.

I remember thinking that it seemed slightly strange, but assumed it was for the previous run of promoted posts I’d ran a few weeks prior. The amount seemed about right, if a little higher than the limit I had probably set.

I thought little more of it.

Within a half hour, I’d received another email from PayPal, and guess who had taken more money? Yep, Facebook of course, and this time they had taken a further £42.

Ok, alarm bells. Something is not right.

Lesson learned: if you receive emails regarding payments to Facebook for ads run on your account, log in to Facebook to check the activity in your “Advert Manager” area.
fb ads manager

There are probably phishing scams out there too, so don’t click on any links in the email. Open a new browser window and go direct to Facebook from your address bar.

The shock discovery in my Facebook Ads account.

When I logged in to Advert Manager, I could see the evidence of the two recent bills. I could also see that there was an “outstanding balance” of over £100!

Most shockingly, there was an advert running that I did not recognise, and that I certainly had not created. Hideously, it was set up to spend up to £1200 per day, and had already breezed through just over £168.
I nearly died.

hacked facebook ads account

My Facebook Ads account had been hacked!

My first priority was to deactivate the ad so that it didn’t continue to burn through the budget. If I did nothing, this sucker was going to drain me of £1200.

Action 1: kill the ad!

In my state of mild panic, I couldn’t immediately remember how to turn an advert off! I clicked into the ad and saw that I could limit the daily spend, so I knocked that down to just £5.

Looking at the overview again, I remembered the obvious slider switches that allowed me to deactivate the ad.

Click/Swipe the slider to turn the advert off
Click/Swipe the slider to turn the advert off

Phew, it was off.

But how had someone accessed my account?

I have absolutely no idea, but my first action after shutting the ad down was to change my password. If someone out there had somehow accessed my account with my password, I needed to change it ASAP.

Action 2: change your password.

Fb will make you change it again after you’ve reported the issue, but you need to do it at this point for immediate protection.

Change your password!
Change your password!

While you’re changing your password you can also opt in to get notified every time your account is accessed from a new source. This could help you in future, so say yes.

Onward. With damage limitation in place, the next step was to address how I could get my money back.

Reporting a hacked ad account to facebook.

This wasn’t terribly easy or intuitive. I’m happy to conduct most interactions online and fully understand the “channel shift” ethos within a professional customer services setting.

But sometimes you just need to speak to a real person, don’t you?

Let’s face it, when this happens to you, you have been robbed. It’s a personal violation and it’s very unnerving. You want to make sure that you’re taking the appropriate steps and to be reassured that it will all be sorted out.

To speak to someone at Facebook would be very helpful.

Forget it – this is not going to happen.

You won’t get to speak to anyone at Facebook.

It turns out that there are various ways and multiple forms that you can use to alert Facebook about a hacked ads account.

I ended up submitting my case via two different forms that both seemed appropriate. Reflecting back, I think either form would have resulted in the same outcome, so it probably doesn’t matter which one you use. Just report it.

Use this form to report your hacked fb ads account. As you select options, new sections of the form will appear.

Tip: supply all the info that’s requested and write a concise account to help the fb staff.

Give as much info as you can, but be concise.
Give as much info as you can, but be concise.

After submitting your enquiry, you get a message saying they’ll look into it and be in touch. The forms I used suggested a likely response time of 1 working day. (It took longer)

I phoned PayPal.

The great thing about PayPal in this situation is that you can phone them and actually speak to a person!

After explaining the situation, PayPal explained that I would need to contact Facebook regarding the refunds of the two amounts taken.

Paypal were able to immediately de-authorise the link between my Facebook and PayPal account. This means that Facebook would not be able to take the amount they said was still “outstanding”.

This felt like a good safety net, in terms of damage limitation, and in a situation where fb might not respond to help requests, I’d certainly have their attention if they were failing to collect payments they thought were due.

How long did Facebook take to reply?

I got my reply after three working days (on Wednesday afternoon, so I’d actually gone FIVE days between the incident, and hearing from fb.

This felt like quite a long time to wait and one wonders how much quicker they might be if they refined the process so that people didn’t feel the need to submit their help requests several times via different forms because it’s so messy and unclear.

How Facebook responded to my hacked ad account.

I’m pleased to be able to say that Facebook acknowledged that my account had “been compromised” and that they then refunded the two amounts that I had been charged via PayPal.

Great news!

But it was frustrating to log in and discover that the “outstanding balance” of just over £100 was still there!

So it’s was necessary to start over with a new form, re-tell the story all over again and request that they scrub the outstanding balance.

Another three days later, I received an email saying it had been done, and apologies for the inconvenience.

Actually, one positive part of this process is that when you do get a reply from fb, you can just email them back and continue the thread of conversation if necessary. It’s not just a “no-reply” address.

One final annoyance.

For some reason, despite being able to deactivate the rogue ad, I was not able to edit or delete it.

It didn’t feel great to have it sitting there in my account. I replied my guy (whose name was actually Guy!) and he seemed to tweak something and eventually I was able to delete it.

Confidence restored in my facebook ads account?

Hmm, that’s a tricky one.

Yes, I am pleased with the outcome. I got the refund and they cancelled the charges, as it was plainly obvious that the ad was created by someone other than myself, to promote something that was nothing to do with me.

But I am now more cautious. I still have no idea how the breach occurred.

Final tips on securing your facebook ads account

There are a couple of additional precautions you can take that might help protect your account in the event of it being compromised.

Set up security alerts (login alerts)

You can be notified if your fb account is accessed from a new device. These are called Login Alerts and you can access them via the Security menu.

Turn on your fb login alerts
Turn on your fb login alerts

Put limits on your Ads account

You can edit your billing threshold and your spending limit, within your ads account.

This could help reduce the damage of a rogue ad. Even if the hackers changed these settings, the system should notify you about the change, so that in itself would be a useful warning to investigate your account.

Set low figures on your threshold and spending limits.
Set low figures on your threshold and spending limits.

Last words

I hope that most fb advertisers will never need to read this article.

But if you have ended up here, I’m assuming that you have also been hacked, and I hope that the post provided you with a) some reassurance that you are likely to recover the charges and b) some helpful advice to help keep your account secure in future.

Was your fb ads account hacked?
Did you get the money back?

Please share your story in the comments!

Sorry – I have closed the comments because of all the spammers trying to post fake recovery services…

Reader Interactions


  1. The same thing happened to me today. I realized it when I was receiving some “Likes” about an ad I’ve never posted, in fact I’ve never used Facebookd ads service before. Instinctively I followed your described process, but contacting Facebook is really challenging…I can’t understand why such a large company can’t provide a phone support for those emergencies.

    Damages on my end are limited to about $40 for now, but still I had to put a hold on my account for anything that would come from PayPal as some transactions that were supposed to hit my account tomorrow were for a total of $1200, and not only from Facebook.

    It’s unnerving to say the least and a lost afternoon dealing with this at work…

    • Carbon copy of my experience.. The amount of time I have lost, is all out of proportion to the amount that was leached out of my paypal……….. A telephone conversation with FB could have resolved this more easily…Still out there at the moment, very frustrating indeed.

  2. This happened to me last August 25, 2016 when I noticed unauthorized use of my account, I discovered that I was made as an Advertiser by a fraudulent company along with few more people from different parts of the world, unfortunately, the case was not resolved and I do not get to boost my Ads again. I had reported the incident many times and their response was far from positive. I was asking them if I can settle only the amount that I legitimately used and the Ad placed on me be waived and investigated, it was bad that they could not do anything about it. I really need a help since I want to restore my Boost buttons back.

  3. I to was also hacked. But these people didn’t use my own money which is strange. I run a blog and use a Facebook page for my blog in order to reach more people. I had only ran one ad in my life from my page. About two months ago I had noticed a new FB page was made as me as an admin about some dog in a movie. I tried to delete the page and it said it was disabled but I had to wait 14 days to completely delete. So I waited and it deleted and I moved on with my life. Last week I went to run my second ad ever for my page and it said boost unavailable so I logged in and saw two ads I had never seen before. One for the dog page and one for smoothie king? I kid you not smoothie king a big franchise! It didn’t say I owed any money but my credit card had been removed and it did say my ads account was disabled because of suspicious activity and to contact Facebook and verify identity. So I tried and basically got a generic email back after explaining everything that my account had violet facebooks terms of service and they couldn’t reinstate my account for the safety of others. I am beyond furious because I didn’t violate anything a hacker did and I am being punished for it. Facebook never even sent me an email about my account being flagged! I check my emails daily!

    • Hi Marie, my FB ads manager also has been hacked, someone else was advertising from it, creating 11 ad accounts (Outstanding Balance = 382 USD) and Facebook was restricted my account and no way to recover it.
      Please I would like to ask you if there is any other way to solve this problem since you have already encountered the same problem.
      Thank you.

      • Happened to me a few years ago. I have never had an ad over $30 and it had been a couple years since I created an ad. My payment method was set to PayPal. Someone hacked me for a $250 ad! I called the bank first who gave me my money back. Then I contacted PayPal who contacted Facebook. PayPal said Facebook somehow proved that it was my ad. My response was of course it “looks like” I approved it because they hacked into my account! In the end the bank took my money again and gave it back to Facebook. It is unlikely you will get anything back. Write it off and never ever have any type of credit card or bank account or PayPal attached to your Facebook anymore. If you create an ad then create it and pay for it and delete your payment method immediately. I’m reading over these comments because now my husband has had his account just hacked into. He’s been doing little $20 ads to sell a large item but they’ve been happening every day which he did not do and the number keeps increasing. We have a new one today for $125. I told him get your credit card out of there now!

  4. This happened to me last week and I am still waiting for facebook to get back to me, they have only asked me to fill in another form so-far. Its Wednesday Evening now and this FIrst Happened on Friday (I think the hackers chose that day as the banks are closed and not as many people will be watching their accounts maybe). They set up Facebook and Instagram ad campaigns which ran over night (when I was sleeping).. I am currently £208 out of pocket – I had my account linked to Paypal as I had previously used facebook to advertise a product a few years ago so everything was in place. I have been forced to change my password (expected) and my ads account has been suspended (a good thing) but what frustrated me is the time it takes facebook to respond to something so serious. One ad was costing me £4.96 per click so you can imagine how fast the money was flowing out 🙁

    • This happened to me on Tuesday 21st. I have a business manager account as I work across lots of accounts and spend a substantial amount of money with FB. No money was spent as I noticed the doggy ad before it went live. However I use the same payment source across campaigns which has now been stopped by FB. I have contacted them five times a day to resolve this issue. They are a joke, and seem totally incapable of dealing with or resolving the situation. Four days latter and they cant even say when the issue will be resolved. I am now losing clients as I cant run campaigns for them. Once my Google MCC account was hacked, it took them just 2hrs to arrange a credit and have me account live again. FB are beyond rubbish and hide behind online help.

  5. Hi! Your article is a bit comforting to me now, saying that you got a refund at the end of the day. This happened to me the other day, only that this was the end of the month too and facebook charged my bank account directly with about 135 pounds. I was shocked and didn’t know what to do. I tried to contact facebook any way I could it is really challenging to say. I hope I get a reply soon, cause I am freaking out all over this problem.

  6. just happened to me as well. I’m waiting for facebook to respond and my bank to process my application for this fraud. this is outragous.

  7. This recently happened to me and Facebook has not responded after 10 days. Our team is really anxious to get this resolved to we can proceed running ads for some upcoming campaigns. Where do you find the form for hacked ads? I’m only finding ones for payment inquiries which are not getting me anywhere. Thanks so much!

    • Just fill that form. The information on this article is a bit outdated regarding that form. Just choose the transactions from that page and add a detailed response along with some screenshots of the hacked ad account where you can see the transactions.

  8. One additional advice i would like to add:
    Check your recent friends you have added. Sometimes you add a person and invite them to your page. It might be a hacker. Check for Admin roles in both your pages and ad management account.
    This happened to me when i discovered a person i added to my friend list and invited to a page is somehow a hacker who set their role as admin to my ad account. I was able to remove them from the list but they have created ads worth Rs.52000 from my ad account in 3 days!
    Reported today, still waiting to hear back from FB. They are investigating.

    • Hello Shank,

      This same happened with me as well.
      Does Facebook refunded the amount?

      I got a mail from Facebook saying wait for 3 days.

  9. Hey, the same happend to me. I got notification from my bank that someone was trying to use my credit card, but used wrong exp. date. Today I checked the ads on facebook and I can see that someone bought ads using wierd card numer, but now I also have autsating balance/ I reported it to facebook, change verything, deleted payment method. I want to delete ADs manager account on Facebook but now I can’t because of balace. Do you think this is common? Will facebook clear my balance?

  10. Thank you so much for sharing all this!! It’s a scary thing seeing money being drained from your account! 🙁

    The link in your article for the form we can use to report a hacked Facebook ads account, goes to a slightly different form now: “Ads Payments Inquiry.” There doesn’t appear to be an option to report a hacked account now, but the closest I could find was: “Process a refund or clear my outstanding balance.”

    I used that option and sent an email explaining the situation, to which I received a very quick reply stating that they could not refund me because the ads were run according to my settings. (I think it was an auto-responder, not a real person, as it was so fast).

    I clicked a button to “reply” and “reopen the case” – then I gave a more detailed explanation, complete with a SCREENSHOT of the ad. I explained how it was obviously written by someone who doesn’t have a grasp on the English language, promoting a product that has nothing to do with my brand.

    I am waiting now (days, perhaps?) to receive a reply. Thankfully, was able to catch PayPal to freeze the payment before it went through.

    Really appreciate your help with this! I may have just panicked without this step-by-step guide! I appreciate you. 🙂


    • Did you ever get back your $7,000? I just found out I was hacked and lost $6,000. Just reported to Facebook and am anxiously waiting for a reply now

      • Hi did you get a response ? Mine hacked a week ago and it’s been escalated both my accounts deactivated due to fraud

  11. This has just happened to me today. £800 in two hours. I’ve deleted the ad, changed passwords, phoned the bank and raised 3 different reports with Facebook. Right now my confidence in them is completely shot. If I hadn’t happened to check the ads account today our account would have been emptied in hours.

      • The same thing happened to us, did you find the form to report it to facebook? The form in the post doesn’t seem to link the the correct thing.

  12. My personal account was hacked and charged over $1,350 for some fraudulent ads. Ugh. Because the nature of the ad violated the Facebook guidelines (used text inappropriately or whatever) they’ve suspended my account. This funnels all my support requests to an automated reply telling me to review their procedure on ads and immediately closing my case… not addressing the fraud. Anybody have any advise here?

    • Hi Greg
      Really sorry to hear about your situation Greg. My account was also hacked early Jan 2020. FB accepted my account had been compromised and I got the money back but my account has been suspended because of the nature of the ads. Despite numerous appeals they have not reinstated my advertising. I run a a digital marketing company (new start-up) and this has lead to lost customers and me very probably closing my business. Did you ever get you advertising reinstated? If so, I’d appreciate any directions/help/tips.

  13. My account was also hacked early Jan 2020. FB accepted my account had been compromised and I got the money back but my account has been suspended because of the nature of the ads. Despite numerous appeals they have not reinstated my advertising. I run a a digital marketing company (new start-up) and this has lead to lost customers and me very probably closing my business.

    My account was hacked, FB themselves confirmed this. Yet one month on and my ability to post any form of FB ads, or open a new Business Manager has not been reinstated – without any reason or explanation. This has pretty much cost me my business.

    A few things I’ve taken away from this:
    You have no automatic right to a FB account – and as soon as you sign up it appears you sign any rights you may think you have away.
    They can ban or close your account at any time – and its is entirely up to them whether or not the re-open it.
    You can appeal but they do not have to give a reason or explain their actions. I have not had a response from my latest appeal in over 2 weeks.
    You can not rely on Facebook advertising as these rights can be taken away at any time.
    There is very little information out there about what to do in this position (we are all sharing here).

    If anyone has any suggestions for what I can do next please respond to this article.

    • Tony, did you try deleting your personal Facebook account? As far as I know, all info (including business assets) attached to your personal account would vanish after 30 days, then perhaps you would be able to start fresh with a new account?

  14. Thank you for this article and indeed it has given me a little relief and reassurance. I just found out my ad account has been hacked and the hacker managed to spend $6,000 over the last 4 days without me realising. I chanced upon your article as I was wondering what was the likelihood of FB refunding me my money. I do hope I get the same outcome as you. Thanks again!

  15. It’s March 19, and my account has just been hacked in the middle of the coronavirus shutdown, so I’ve been having trouble reaching ANYONE! I’m still working on getting this resolved.

  16. I also got hacked! I already contacted the FB and they confirmed if I got hacked.

    I was checking my debit card at that time I got replied by I didn’t find a refund. So I replied to the message to ask about when I’ll get it.

  17. Same exact thing happened to me today. Thankfully caught it after $750 spent, daily budget was $3900 and could have been much worse. What a disaster. I filled out facebooks support request but based on the responses here it doesnt seem promising. Any success contacting bank?

  18. same thing happend to me, thankfully i dont use any money on facebook, but good try and thanks for the IP, its not that hard to get thru a VPN, mainly when your stupid and you hack someones account while hes on it xD i just hope i manage to delete all the pages, ad-accounts and other shit they made…

  19. I have just found out this has happened to me, I started noticing random amounts of money coming out of my bank account from the start of this year from Facebook Ads, keeping in mind I haven’t logged into my Facebook Ad account since November last year and have definitely not created any Ads or Campaigns this year. Random amounts of $50, $74, $23 etc adding up to $566 were being taken out each week without my permission, I thought perhaps I had made a mistake last year that resulted in these Ads being created but it’s now April and it just doesn’t make sense. I’ve contacted Facebook, I really hope they can refund me. Has anyone dealt with this?

  20. This has happened to us twice now! We’re small fish in the FB advertising world, maybe only a couple of hundred bucks a month. Located in Australia, for the second time we’ve had an individual who appears to be associated with a Vietnamese clothing brand, enter our accounts and setup ads with spending limits of hundred of dollars / day. The first time, they were able to spend about $2000.00 AUD in the course of about 2 days. The bank noticed it and blocked it, and we did the same ordeal as you described above – Contact Facebook through a fable form and wait for a reply. Just today, it’s happened again.. However Facebook seems to have deactivated the account as soon as the ads were published. Maybe the Facebook security algorithms learn. Now faced again with the waiting for a response, and frustratingly, can’t delete the unauthorised campaign, OR the personal account that’s associated themselves with the ad account… Frustrating, and unnerving!!!

    • Yes this has just happened to me Facebook deactivated my account but they still took £200 out of bank because the hackers asked to up threshold, bank has now blocked them taking anymore money but I cannot get to send forms re account because it’s deleted by FB, how can they agree to an ad threshold going up if they have deleted or suspended a profile

    • Same, Vietnamese company hacked me twice, first for sunglasses and then to promote jeans, they still have access to all of my Facebook accounts! Can’t remove them so I can’t run anymore of my own ads

  21. My whole personal and business Facebook account has been hacked and sent to an e mail account I can no longer recover which they have also hacked, I cannot get in touch with Facebook at all because I no longer have access as they have changed my password and removed my current e mail address. The Facebook ad e mail came from PayPal tonight and I have reported it right away as well as changing all my passwords. I honestly don’t know what to do as I just cannot contact Facebook. The hackers have set up 2 step authentication and every time I try to login the code goes to them

  22. Thank you for this. I have the same issue however when i go to press send on the unorrthorised ad link, nothing happens. I am in for $352 and outstanding amount of near $400. Very frustrating

    • Exactly the same thing just happened to me – filled the form in but it failed to send. Did you sort this out in the end?

      • Same happened to me and
        i cant submit the form, please let me know how you resolved this

  23. My cash app account recently got hacked. I hadn’t received my cash app card and I didn’t know what to do so I called a number thinking it was cash app number to call… when I called the number, they acted like they were helping me, they sounded just like customer service people and sent me a link to download the app called quick support then after that they hacked into my cash app and took all my money. I was lucky enough to find globalsolutionhacker a{{}}t g, {,} m, {,} a, {,} i, {,} l, d{{}}t c, 0, m, while searching for help online. He was most talked about many so i reached him for help. Job execution was perfect. My money was fully recovered and i was able to regain access into my cash app account.

  24. This happened to me today but scarily there was a dodgy person also there as an account admin that someone befriended on my behalf!! I’ve blocked and reported him. I’m still waiting to hear back from FB, tightened my security and the bank has cancelled my card. My IT guy also saw that people had been trying to get into my email account (and failed) back in April.

  25. I had the same problem few weeks ago, my facebook ads was hacked, I googled and found this page. I tried step by step according to this page and request Facebook to resolve and refund the charges made (it as around $ 350 USD) and today they reply my message and they rejected my request!
    I didn’t know why and what else to do, please help!

  26. Happened to me a few years ago. I have never had an ad over $30 and it had been a couple years since I created an ad. My payment was set to PayPal. Someone hacked me for a $250 ad! I called the bank first who gave me my money back. Then I contacted PayPal who contacted Facebook. PayPal said Facebook somehow proved that it was my ad. My response was of course it “looks like” I approved it because they hacked into my account! In the end the bank took my money again and gave it back to Facebook. It is unlikely you will get anything back. Write it off and never ever have any type of credit card or bank account or PayPal attached to your Facebook anymore. If you create an ad then create it and pay for it and delete your payment method immediately. I’m reading over these comments because now my husband has had his account just hacked into. He’s been doing little $20 ads to sell a large item but they’ve been happening every day and the number keeps increasing. We have a new one today for $125. I told him get your credit card out of there now!

  27. The exact thing happened to me early hours of this morning. Someone gained access to my account and listed multiple adverts. I last posted an advert last year, fortunately I had removed my card details so no charges where made to my account however the fraudsters added multiple VISA and Mastercard accounts to my profile and successfully made charges to these. I made futile attempts to contact both VISA and Mastercard to warn them that a few of their users were compromised but was told that it is not their problem and their banks must handle it.

    MAKE SURE YOU REMOVE ANY ADDED UNDER “AD ACCOUNT ROLES” on your profile. I had three SOBs added to my account. Change your password and enable 2 level authentication.

    Facebook will not remove the frauster FB accounts when I reported them.

  28. I had my personal FB account hacked and they used it to hack into my Ads accounts and kick me off as an admin. They then launched ads on two of my businesses, spending around $1000. My bank in Australia challenged the amounts and they were refunded.
    But two months later I still have no access to any of the business pages that I created (3). I have provided Facebook with over 30 pieces of evidence showing that I am the true creator and owner of these assets including the fact that two are physical businesses, Australian Securities Commission documents showing that I own the business names in Australia and the domain names as well. I also pointed out that my likeness is all over the pages in photos and video posts, but I have still not had a response apart from the standard ones saying that they understand, the appreciate my patience blah, blah blah.
    Argh! I am really getting to the end of my tether and have had to go to alternative ways of promoting my 3 businesses.
    If anyone out there has any ideas for what I can do next to actually get some action I would greatly appreciate it.

    • Yesterday I was hacked and hacker kicked me of my 3 business pages. There is no guidance or information how to report hacked pages. Meta-facebook need to improve both security and customer service. I’m worried about my business. After I read your comment I feel that I hopeless. It would be hard to reclaim dedicated pages for non native communicator. Above form no longer available now. There is no information how to report hacked meta ads manager account.

  29. My ads account was hacked on 14 July and I think Facebook themselves create this kind of anonymous accounts to snatch all the money for them. My 150 USD was used by the hacker but Facebook hasn’t refunded me that money yet.

    • can’t you remember any suspicious link that you clicked? As much as we wanted too, but we cannot blame fb for this, but the security they have.

  30. Thanks for providing this guide. £400 was removed from my bank account this morning for a campaign that I hadn’t set up and that had only been running for a couple of hours (whoever managed to set this up had set a £2K a day limit)

    Have logged the issue with Facebook, alerted Paypal to the unsanctioned transaction, updated passwords and reduced the ad spend limit to £0.01 so if they try to bump it up again I should get an approval email. I can see two accounts set up on my Adverts account that I didn’t add and am unable to remove….

  31. If you need a positive story, my Fb account was also hacked and 7 transactions totalling over £2.5k were taken from my bank account. My Fb account was disabled and I could not access it to report anything, so a friend helped and submitted for me the form quoted on this website and another one regarding ads specifically. A reply was received by Facebook in both enquiries, and received all the money back. Account is still disabled and cannot submit ID review due to “lack of staff during pandemic”. Just relieved to have recouped my money back. There is hope.

  32. My Account was hacked for 10,000 pounds. Again like you it was difficult to find the correct procedures and then i was also sent the your account was compromised and a refund was due email. however 3 days later and after chasing they said they still had some investigation to do. Another 3 to 4 days after that i re-chased and received a boiler plate email that had nothing to do with my enquiry. I am now several weeks into this and still no refund… Facebook are a terrible shower of a company and i will certainly be looking to not use their advertising space in future and i spend over 100K per year with them. If they are not treating me well, then smaller retailers have no chance….. i continue to send them daily emails but am now at the point of going through the trading standards to get my money back…. totally unnecessary and poor customer service.

  33. I don’t even have a advertising account but I do now thanks to a hacker. I managed to take control of it and stop more damage. They had used some else’s card details for payment so I deleted those also.

    I’m done, I’m leaving Facebook behind me now. I had 2 step authentication and notification of log in turned on. 1st I knew about being hacked is getting an email saying “your add has been approved”.
    Account is currently deactivated but will be deleted when I move my ocular account over.

  34. My FB account got hacked the day before Thanksgiving. I have tried everything. I set up another account which I can’t request friends. I’ve contacted FB over 10 times. No reply from them. Please help me recover my account.

  35. Yes I was hacked, over £1400 I knew I was hacked on FB but did not check my ads account as I only use it for my novels and had not ran an add for a while.

    Only reported it yesterday, awaiting a response.

    I also had 5 more admins which I didn’t add and I cant remove as my account is disabled for running ads, so I don’t know how they are running them, but they are.

    I have turned the adds off and deleted my debit card. I’ll keep you posted


  36. This has recently happened to me. Ad account for business hacked and ran £1200 a day ad campaign, another £700 a day and a £400 a day. Luckily American Express were on it. I have been waiting nearly 6 weeks now for it to be resolved but the Facebook meta ‘pro’ team keep saying the case is complex and takes time, I email every week for an update and they just copy and paste the same replies into the email reply. Anyone got any idea on what can be done? They took me off the business page as they got on to that, and my ad account. So now have control of neither and been waiting for what seems like forever.

  37. Same here, a payment to FB on my PayPal – immediately I cancelled the authorisation and reported to paypal I hope that no more payments will be taken. it took ages to find out what’s going on – I found it in business adds manager which I had never used before!!!! Hackers changed my email, added some people to manage the adds account – I removed them and the adds (I think I did ) I send a message to FB but no reply, since I can’t access the email I could change the password only. I wanted to close our bussiness page and account but still can’t figure out how as Meta changed everything recently and I don’t use FB much.

  38. Small new business. Facebook have taken a total of $177 in a day over 11 transactions I did not authorise. There are no visible ads running on my account yet Facebook say no suspicious activity and refusing to give refund. I cancelled my card and now they say I have unpaid amount outstanding. When I view the transactions on Facebook business there are also refunds listed that day which I did not receive so I assume the hackers got that money. Only a small amount I know but hurts when you’re starting out and have nothing. Can dispute this through bank but if they decide I’ve authorised payments there’s a charge of $30 per transaction and I have 11 so I’m too scared to do that when Facebook insist I authorised, how do I prove I didn’t? But surely if there is no physical ad I have a case, so frustrating, won’t be advertising with them again!

  39. My Facebook was hacked my email and my phone number was removed
    I try sending forgotten password and it keep sending to the new email on my FB details and I reported to Facebook community service and they told me they will lookout for me and reach to me since then I didn’t hear from them again then someone on Facebook recommended #RECOVERYKEY1 on telegram or Instagram using Recoverykey1 I try her out and it worked out she recovered my old page and she send me the new page details
    I had to change the password asap THANK you so much man you can inbox on Instagram or WhatsApp +44.7529495819 and signal chat+44(758)529-3650
    email Recoverykeytechnology@gmail.com

  40. In case this helps anyone else: I think I figured out how the hackers are getting in. And here’s the scary part: if I’m right, changing your password won’t help. Here’s how I think the scam works (at least how it did in my case):

    1. They get ahold of your credit card info somehow (in my case, I suspect a waiter at a restaurant took a photo of my card)
    2. They wait a couple weeks before using it so you don’t trace it back to them.
    3. They use the CC info to get into your FB account. When you have a CC on file, FB allows you to use it as a way of verifying your identity to recover your account (I really wish they wouldn’t!)
    4. They change your Business Manager settings to make themselves the only Admin and downgrade your permissions so you can’t remove them or turn off the ads. (In my case, they created a fake user with a misspelled version of my name.)
    5. They run a bunch of ads and charge them to your CC (not necessarily the one they stole, if you have more than one connected to your FB account.) (They still don’t make any other purchases with your stolen card yet, because what they’re really after is the “free” ads and they don’t want you to notice too soon.)
    6. Once you or FB catches on and shuts off their ability to run ads, THEN they start making fraudulent purchases on your stolen card — they know at this point the jig is almost up, and they only have a little bit of time to go shopping before you notice and cancel your card. (In my case they made several transactions using TikTok pay — I’m guessing because they assume that many FB ads customers are also running ads on TikTok, and so the charges may not immediately jump out as suspicious. This buys them more time.)
    7. You cancel your credit card and finally put an end to all this madness. (…until next time.)

    Hope this helps. (And… I’m sorry.)

    • Same thing happened to us. They gave themselves full priviledges and gave limited ones to my husband and myself . I have been in touch with facebook and am not getting anywhere. If you don’t watch out they will just delete your account with the years of business post you have. Did you get your account recovered?

      • I did eventually recover the account, but only after many, many rounds of back-and-forth with Meta support. At first, they didn’t seem to understand what I was telling them, and at least twice they told me they had fixed it when in fact it wasn’t fully fixed (I could log in but still could not remove the imposter account due to permissions). I kept trying and eventually got through to someone who understood and was able to correct it, and reverse the charges. It was harder than it should have been. Best of luck.

        • What contact did you use for Meta? I have tried 3 different addresses, numerous times, but never a response. Thank you.

    • does cancelling credit card help to stop all of this? Before paypal makes the payment as the ad is still ongoing, and I just discovered the hack few hours ago, will this be the solution?

      • Canceling your credit card will prevent future charges, but it will not remove the hacker’s access to your Facebook account — you need Meta support’s help for that. (The CC is how they get in, but once they’re in, they give themselves a back-door by changing the Business Manager permissions.)

        Of course, if your credit card was stolen then you will need to cancel it anyway sooner or later — so it’s probably best to do so as soon as possible.

        • Hi Niel! How do you get access to the account? This happened to me yesterday. I was able to remove the cc and PayPal, but the hacker took over my account. I am trying to access meta support, and I’m going around in circles… ca you please let me know how you were able to access meta support? Thanks

  41. My account is also hacked today but in my case hacker has removed my admin access and has given me the partial access.
    There are 3 new admin in my business manager. I contacted with fb help support. They asked me wait for 24 hours.
    Hoping for the best

  42. Wow, reading the comments it sounds very familiar. On 19 August my personal Fb account was hacked. They posted over 30 disgusting images and videos. My personal account got suspended for 3 days, My business one is still in the 30 day restriction. I have changed my password and enabled 2 factor authentication. The hacker had added themselves as my friend. After the 3 days I managed to block and remove them. Fast forward two weeks, FB approved a stranger to access my FB business ad account. Then they approved my ad. Considering my account is restricted it was a surprise. The hacker had added a CC to my payments. I managed to remove my paypal account and the ad account got disabled, which then meant I could remove the VISA card. On looking at my ad account I now have 4 new admins, which I did not add. I can’t remove them until my restrictions are lifted. Multiple reports to FB, zero anything back. They had turned off my 2 factor. I have turned it back on. Also forced logout when password changed before reenabling 2 factor. This is where we need a real person to contact. Not being able to post where I am trading and my products for 30 days is inconvenient, but the lack of communication from FB is frustrating and unprofessional.

  43. Thank you for this article. We’re going through this right now. Hit for $1600 so far today and the balance is still going up even with turning the ad off. Ugh.

  44. I was hacked and over £700 taken, i have spending caps in place so they ran one ad which they took £125 out of paypal for 3 times. Facebook no help – after 3 weeks they have agreed I was hacked and refunded the 1st and 3rd payment but refuse to refund the 2nd – so they are saying a hacker ran an advert but I somehow chose to pay for the second £125 of the advert but not the 1st £125 or the third! The hacker ran the same ad on a 2ndf ad account on my facebook account (didn’t realise I had two) and they spent over £300 and they won’t refund that at all – even though that is the same ad! They are seriously suggesting I wanted to run an ad that they already agree is a hackers.

  45. Sadly this is another Facebook cock-up. When you go to fill in the form it needs you to be logged in to your account. But you cant log in to your account because it has been hacked. So there is still zero way to contact FB. Totally hopeless and hapless over-reliance on their bloated ego self-belief in their IT systems. There comes a time when lone needs to just have a phone number – I wouldn’t care if it cost £10 an hour once connected to stop people making unnecessary calls – account lost – goodness knows what the hackers are selling as they seem to have changed the page name so I cant even see it.

  46. Thanks for taking the time to write this, I sadly find myself in this position. With some additional layers of annoyance. The hackers changed the name of my Facebook business page and I’m not able to change it back for 60days!

  47. Same happens with me. They spend 274USD and revoke me from admin and take full control. I have tried to contack FB but no way found. Totally useless customer service in the world

  48. My main account was hacked a month ago. I was the sole admin of my Photography Page ,ads were charged thru that I think. Like 12 ads,FB refunded 2 but they have locked my page ad account so I have no access to my Photography Page,it says I owe $7 but I cannot add payment if I wanted to. I have spent hours emailing many different avenues,sent cc statements,my DL etc and I keep getting the same response in seconds,cannot verify payment. I subscribed to get verified and that they took the money. I want my page back. I cannot even remove it and without control don’t even want it up.