Facebook can be a great way to stay in contact with friends and family. But it can also make you more vulnerable. Your account likely has a ton of personal data and connections that could benefit a hacker. The more you understand about how a hacker can access your password, the savvier you will be at keeping it safe.

Here are seven sneaky ways hackers can access your password and what you can do to stop them.

Suspicious Emails

You have probably heard many times by now not to open suspicious emails. This is still true today. But fake emails have become much more sophisticated than in the past. Fake emails might appear to be from Facebook and have all the formatting and logos you expect in a legitimate email. It can be very difficult to determine if an email is fake.

There are a multitude of ways a hacker can use a suspicious email to gain access to your Facebook account. The best way to avoid this is to delete the email and do not click on anything in the email. It is best to not even open suspicious emails.

If Facebook has to reach you, they can do so from your Facebook account. If you get an email from “Facebook”, instead of opening the email, log into your account to see if you have a notification there. Do not trust any emails that ask for account information, request money, or threaten to suspend your account.

Phishing

The purpose of many fake emails is phishing. Phishing is when someone asks for personal information that they can use to gain access to your account. A common way to phish is to trick someone to sign in on a fake site.

Some hackers will go through the trouble of creating a fake website that looks the same as Facebook. But, you can avoid this trap. It is always best to go to Facebook rather than click on a link. If you do use a link, carefully read the email address. Does it look correct, or is Facebook misspelled? Finally, check for the secure icon in the web address before signing in.

Fake Facebook Buttons

You might know not to trust links, but don’t forget that “like” and “share” buttons act like links. Clicking on one of these buttons on a fake site might lead you to a fake login page designed to steal your information.

To avoid this, sign in to your Facebook account from a new tab in your browser. Your browser will keep you logged in on other tabs. Now, any likes or shares will go directly to Facebook. If you still get a prompt to login, it’s a good indicator that the button was fake.

Password Spraying

Coming up with a password is hard. It can be tempting to use something like “123456789”. Of course, that is a bad idea; it is too easy to guess. But many people do use similar easy passwords. Because of this, many hackers employ password spraying. This is when they guess a password by using the most common passwords.

It is hard to remember a random alphanumeric sequence. So, more people use words, which limits the number of potential passwords available. When creating a password, it is best to use a unique phrase, replace some of the letters with numbers, and vary the capitalization. And definitely avoid any variation of the word “password”, including pa$$word123.

Plain Password Grabbing

Once you come up with a good password, make sure you only use it for your Facebook account. If you use the same password everywhere, you leave yourself vulnerable to Plain Password Grabbing. This is when a hacker attacks a more vulnerable and less secure site. Some sites do not properly encrypt passwords. In that case, a hacker can then use the email and password saved in the database to try to access other sites like Facebook.

If you have a lot of accounts that require passwords, consider using a password manager. Often, they will generate strong passwords for you too.

Keylogging

Keylogging is a more advanced hacking technique. It requires installing a program on your device to track everything that you type. This can give hackers far more information than just your Facebook login information. They could even get credit card information using this method.

But, because a hacker needs to install a keylogging program on your device, it is a little easier to protect yourself against this sort of attack. Generally, hackers hide these programs in other software. To stay safe, do not download anything from an untrusted source. Your computer’s security software can detect these programs, but you might want to get anti-malware software for your smartphone. Make sure to keep your security software up to date too.

Unsecured Networks

Even if you have the best passwords, and are using the most secure computer, it won’t help if the network you are using is not secure. Public Wi-Fi is often unsecured. Unsecure networks allow hackers to snoop through all the data that you send and received from webpages while on that network.

Instead of using free Wi-Fi to access Facebook on the go, sign in using mobile data. It will ensure that your data is more secure. Or consider getting a virtual private network (VPN). Many VPN providers will encrypt your data, which will protect it even if you are connecting to the internet on an unsecured network.

Facebook Security in a Nutshell

Our growing dependence on the internet means that we need to be a little more careful online. All the security information out there can be a little overwhelming. But it all boils down to a couple of simple tips. Use unique passwords for all your accounts. Do not click on any links that you do not trust (even if it looks like they are from Facebook). Do not download anything unless you are certain if it is safe. Do not enter sensitive information on public computers or across public Wi-Fi. If in doubt, error on the side of caution.