For starters, set up a unique, strong password for every online account, including email accounts, retailer accounts, and, yes, social media accounts. (A password manager can help.) Use two-factor (aka multifactor) authentication to add another layer of protection.
Next, remember that the more information you put out on social media—say, the names and ages of your kids and grandkids—the more information can be gathered by people who might want to scam you. Never share sensitive information like where you bank, your address, or your phone number. And post only what you’d be comfortable sharing publicly, no matter what privacy settings you use.
If your account has been hacked, you may be locked out. Follow the social media platform’s account recovery instructions; for Facebook, go to facebook.com/hacked to get started. (Your chances of account recovery are better if you’ve followed the security practices we’ve listed.)
Once you recover control, you’ll need to change your password and review your account recovery information, such as your email address. Check for messages the hacker sent from your account or for new friends you don’t recognize. Finally, alert your friends in an email or by texting or posting.