Prevent Hackers from Your Facebook Ad Account

Prevent Hackers from Your Facebook Ad Account

Trapica Content Team

Marketing Guides
5 min read
May 3, 2021

Facebook ads are often an important part of a marketing strategy, but privacy and security always need to be a part of the conversation. Facebook has the responsibility to keep our information protected, whether it’s email addresses, names or bank details. Safety and privacy have long been an issue for the social media mogul, yet the company is still at the forefront of infrastructure and processes to keep users and data safe.

Here we will highlight what you can do to avoid problems. By following our suggestions, you will gain peace of mind and a greater sense of control. Why run the risk of privacy or security issues when you can safeguard your account with these simple, actionable steps?

1. Use a Strong Password and Two-Factor Authentication

The best way to keep your Facebook Ad account secure is by listening to Facebook’s advice on passwords. Don’t use personal information in the password, don’t use the same password for every platform online and keep all passwords to yourself. A strong and unique password is the easiest, most reliable way to keep your account secure.

Next, Facebook recommends setting up two-factor authentication. Every time there is an unrecognized sign-in to your Facebook account, the user will be prompted to enter a code. Ultimately, this means you decide who can access the Ad account.

2. Avoid Friend Requests from Strangers

The problem with online scammers and fraudsters is that the majority of users believe they’re immune to being duped. Rather than thinking ‘it won’t happen to me,’ have the right security and policies in place for your business page and ad account. For example, don’t accept friend requests from people you don’t know. You don’t want to open the door to fake accounts posting on your timeline, sending malicious messages and tagging you in posts.

While on this note, never allow Business Manager to grant access to somebody you don’t know and trust.

3. Use the Page Roles Wisely

In the past, businesses have opened up Facebook pages and Ad accounts to all employees. While this is well-intentioned, things get messy when several people try to access and manage the account at once. We recommend taking advantage of the page roles. If you haven’t yet done this, there are six main page roles for you to assign:

  • Admin
  • Editor
  • Moderator
  • Advertiser
  • Analyst
  • Jobs Manager

If you’re the admin, you have the responsibility of handing out these roles and ensuring the right people have access. Currently, the Editor and Admin roles have the most privileges, whereas the Analyst gets the least. Not only will page roles allow you to manage control of the Ad account, they reduce the risk of bad behavior cropping up internally. Although this is something business owners don’t want to think about, it’s something you should consider. Moral of the story: only allow access to those who need it.

4. Manage Your Apps

When was the last time you looked through the apps that have permission to access your data? This factor is often neglected as an oversight. Especially with a business profile or page, you need to keep tabs on the apps that have permission to search through your data. For most marketers, it’s ignorance that gets them into trouble because they don’t realize how many apps have access to personal information. Now is the time to get rid of any apps and permissions you don’t need.

Though you can make these changes on mobile, it’s often easier on the computer. Either way, head into the Privacy page and click on Apps. You should now see the apps that have permission to all your profile and account information. If you’ve never looked at this page, don’t be surprised to find over a dozen apps with permission. With no editing, apps will probably have access to your timeline, work history, birthday, friend list and more. We recommend limiting permission or removing it completely to keep your Facebook Ad account secure.

5. Create a Trusted Contact

What would happen if you lost access to your account? For most people, it would mean a few minutes of panic and reaching out to Facebook for help. You can save all this hassle by setting up a trusted contact. Whenever you get locked out, the person you choose will receive a recovery code that they can send so you can re-enter the account.

Photo by Grianghraf on Unsplash

6. Lose the Trolls!

As a business, you appreciate every follower and supporter. However, Facebook has always had a problem with trolls and spammers. To help your business page and Ad account, lose the toxic followers. We’re sure you remember a few names that have spammed you or posted negative comments on your posts/ads in the past. Use the ban feature and make sure they can’t affect your posts in a negative way.

If banning is not yet needed, you can also hide comments by hovering over them. After clicking the three dots, choose the Hide Comment option and it will be removed. Feel free to delete the comment and even ban the user if you find yourself continually hiding comments from the same user.

7. Avoid Malicious Software and Dangerous Links

If you don’t recognize a link or it was sent by somebody you don’t know, don’t click on it. There’s no point risking the security of your Facebook Ad account or business page. Even if the link comes from a company or person you know, always double-check and do some research before going ahead with browser plugins and other extensions. In addition to private messages, this link might come through email or a Facebook post.

Facebook never asks for your password in an email, so never give your password out via this channel. Facebook has a tool that weeds out illegitimate emails, which you can find in Security and Login Settings. If an email claims to be from Facebook, head over there and you’ll find recent emails that are actually from Facebook. If you don’t see it on the list, report the email and ignore its contents completely.

8. Manage Profanities

Earlier, we spoke about managing comments and those who leave them. We realize it’s impractical for larger companies to manually sift through every comment left on an ad or post. Therefore, we want to offer another solution. The Profanity Filter and Page Moderation settings can block specific words, which if used, will be deleted automatically and won’t even make it to your page. Don’t worry about swear words or other profanities because the Profanity Filter should pick up on these. All you need to do is type in any additional words you would like to block with the Page Moderation feature.

9. Review Your Account

Recently, Facebook advised all Ad account users to review their accounts to check that all information is current and correct. You might want to check that the payment details are correct and haven’t been changed. Also, you can look for changes to bidding, budget, and ads. Go into your Ads Manager and check that everything is running as it should—this goes hand in hand with checking your roles and permissions. Ensure that the right people can make edits to campaigns and that nobody else has access.

With your Marketplace account, you can also check that nothing has been added without your authorization. For the most part, it’s just about being vigilant and taking action when something occurs that you didn’t action or authorize.


By following these tips, you’ll be in a great position to avoid scammers and other potential problems with Facebook accounts. To avoid confusion, only give permission to those who really need it.

Finally, don’t be afraid to head into the Privacy settings and play around with different options. If you encounter problems, use the Facebook Help Center and report it as soon as possible. By working together, advertisers can put an end to scamming and hacking!

Protect your Facebook ad account, gain audience insights, and automate and optimize your ad campaigns with Trapica's Marketing Suite

Marketing Guides
5 min read
May 3, 2021