Monitoring your Facebook account for unusual activity is one of the best methods available to prevent attackers, spammers, and malicious people from taking over your account and causing trouble for you and your Facebook friends. Attackers want to get access to your Facebook account for a several reasons. If you are a public person, then you may have people that oppose your views. Sending messages from Facebook contrary to your stated position on an issue may confuse your followers and lead to personal difficulties and unnecessary confrontation. Attackers and spammers want to use your account to get to your Facebook friends. Specifically, they want to send messages to your Facebook Friends pretending to be you. Your Facebook Friends are more likely to trust posts and messages from your account. Attackers use your account to spread malicious software and links to your Facebook Friends. Spammers use your account to send unsolicited commercial messages or links to surveys. Regardless of what they send, you will have a difficult time explaining the messages sent from your account and assisting in the cleanup. Leaving your Facebook account logged in and abandoned is an opportunity for someone to mess around with your Facebook account settings, your profile, and send unflattering messages in your name.
If you access Facebook from multiple devices like your home computer, your laptop, your tablet, your phone, a work computer, a friend’s computer, the library computer, the school computer, then you should be aware that you need to monitor your account for unusual activity. It’s quite easy to forget to logout of Facebook. Some less scrupulous individuals may have access to your account and can life miserable for you. Remember, just closing the tab in the browser or even exiting from the browser software will not log you out of Facebook. You have to select “Log Out” from the triangular drop down menu in the top right portion of the Facebook page.
Using Facebook Apps allows the developers and owners of those applications to access to your account and some of your private information and Facebook Friends. The same is true for using “Login with Facebook” (sometimes called “Connect with Facebook”) on another web site. You have to allow those web sites and applications explicit access to your Facebook account and information. Facebook identifies which information they need to access so you can make a decision about the access prior to approving it. But over time, you may no longer use those applications or web sites. In some cases Facebook applications have been intentionally malicious or at least “noisy” in that they post status messages and annoy you and your Facebook Friends. Canceling the access of old, unused and malicious web sites and Facebook applications is prudent.
Monitoring your Facebook account activity is very important to maintain the security of your account and to prevent unwanted access by others. Some of methods to maintain your account security involve enabling Facebook security features, reviewing your Facebook account status, and reviewing the applications you have previously approved access to your account.
Facebook account Login Notifications provide an easy way to monitor your account and the devices used to access it. Login Notifications are useful in that you are immediately informed if your account is accessed from a new device without your knowledge. You can also assign a unique name to each device used to access your Facebook account for later review. Enabling this feature will keep you better informed about unauthorized access to your Facebook account and provide you with an easy method to review the approved devices later. To learn how to enable Login Notification for your Facebook account, please see my previous post on Login Notifications.
Periodically you should review your list of approved devices, web sites, and applications. You may no longer have access to a particular device, borrowed someones’s device to access your account, or allowed access to a Facebook application then never used it again. There may be web sites that you signed into only once and never returned or no longer use. Facebook applications are easy to start using but are often forgotten. Reviewing your approved devices, web sites, and applications and canceling their access is available through the Security Settings page on Facebook.
Monitoring Account Activity and Canceling Access
Here is how to monitor your Facebook account and review the web sites, applications, and devices that have access to your account:
- Click on the “triangle” drop-down menu in the upper right portion of the Facebook page.
- Select “Account Settings”. A new page will open.
- On the upper left portion of the Facebook page you will see a tab called “Security” with a gold badge icon next to it. Click on it.
- If you have Login Notifications enabled, look for “Recognized Devices” and click on it. You will see a list of devices on which you have logged into your Facebook account. Review the list and click on the “Remove” link for each device for which you want to remove access. Click on “Save Changes”.
- To review from where your Facebook account has been accessed, select “Active Sessions”. A list of sessions will be presented. Review the list and click on the “End Activity” link to cancel access for a session. End any activity on sessions you don’t recognize.
- On the upper left portion of the Facebook page you will see a tab called “Apps”. Click on it. You will see a list of web sites and applications that you have authorized to access your Facebook account. For any web site or app that you are not familiar with or have not used in a while, you should remove it by clicking on the “X” icon to the right of the entry. You can also limit some of the access that the approved applications have by clicking on “Edit”. Some of the access that application originally requested can be curtailed by selecting “Remove”. You should remove access to any action that you do not believe that the application needs.
Monitoring and Controlling Account Activity Considerations
Using the Facebook-provided tools for monitoring and controlling access to your account can reduce the chances that someone can take over your Facebook account, but there are some things to remember when using these tools:
- The more computers you use, the longer your list of Active Sessions and Recognized Devices will be. Periodically, you should trim that list down to the specific systems that you use most often.
- Limiting the access a web site or application has may impact the usefulness of the of the application or web site. You can experiment and adjust the access as needed.
- If you remove access for a session or device that you were using, you will be asked to login to your Facebook account again when you use that device.
Check our guide: Own Your Space, “A Guide to Facebook Security”