I just received the following email from Facebook.
Apparently from an iPhone. I don’t own an iPhone. It wasn’t me who attempted the login. I changed my password, as prompted by Facebook, but who the hell is trying to access my Facebook account?
How did you change the password? Did you follow a link in the email, or did you type facebook.com in the web browser yourself? If you followed a link, go back and check that the link actually went to Facebook and it wasn’t a phishing attempt.
Anything critical to me (banking, email, etc.) these days I religiously use 2-factor authentication (2FA). A few things I can use an authenticator app to generate a code. Others I have text me with a code.
Do you have a simple password, or a complex one? Have you ever logged in from any device you do not personally own and control 100 percent of the time?
Pretty much this. I have never logged in on anyone else’s device.
I changed the PW to a more secure one, that is nothing like my other ones.
I was just curious if this had happened to anyone else, maybe as a FB security measure or something? I’ve been on there for 10 years and have never gotten a message like that previously. Oh well.
Spammers most likely. I’m sure there’s some reason why a spammer would want FB accounts. I had my Gmail account hacked 3 times despite using long alphanumerics, but only 1 spam email got sent out before Google blocked it. After the 3rd time I lost the account because I could not satisfy Google’s verifications of who I was. I couldn’t remember when I created the mail account, so they wouldn’t let me back in. Now they use your phone to verify, so it’s not as big of a deal as it was then.
The thing about passwords is that they are totally useless, since most hackers go for the servers, steal accounts and then sell them. So passwords do little more than just keep out the average Joe. I even had to freeze my credit because my insurance company’s server had all the accounts stolen, which included our social security numbers… security’s a joke these days.
Check on Have I Been Pwned to see if your credentials have been leaked in any database breaches. It’s quite common for thieves to steal credentials from one site and then test them against other sites in case there’s password reuse.
If you use your FB password as any other password, it would probably be a good idea to rotate all of those passwords too as not all companies are as vigilant as FB on security.
My wife’s Facebook account was hacked. I’m not sure what the purpose was. She is convinced it was because she joined Indivisible. She changed her password and also put a generic cover photo up. The photo change was recommended by somebody?, not sure why. No problems since.
Epiphany time.
Huge epiphany. A couple of hours after that failed login attempt I got a message from work saying my security clearance was being reviewed and they need to talk to me.
If you don’t enter an email and you lose your account or forget your password or someone is successful at hacking it, you can pretty much consider it lost for good. It’s your choice obviously, but I can say I’ve had my FB connected to my primary email for about nine years now with no problem. They don’t add or sell your email with third parties, as far as I know…or–if they do–it’s with parties who haven’t ever contacted me by email, at least.
But if you don’t mind having to make a new FB and readd everyone if you ever lose it, well, that’s fine.