This is probably out of date but may still have some relevant pointers

https://null-byte.wonderhowto.com/how-to/4-ways-crack-facebook-password-protect-yourself-from-them-0139532/

Check the email address linked to the account hasn't also been compromised?

Enabling Two Factor Authentication on her Facebook account might be a good first step.

Also, on Facebook, go to Settings > Security and Login and you can see a list of devices where you are logged in. If you expand the list you can log out of all devices.

Email address is OK. I've tried to get her to do 2 factor authentication, but without success so far.

I'll see if I can persuade her to do the logout thing - ta for the suggestion.

Well, I managed to get her using 2 factor authentication for Facebook. In the meantime, she had notifications from Amazon that somebody had tried to login repeatedly (genuine notifications, not the West Central African variety), and from ebay that there was an item in her shopping basket that had been there for a month and did she still want it. She checked and it was a £1500 laptop. So - new passwords for Amazon (just in case) and ebay. The ebay security people said they thought her email account was the access route - yet another new password. I got her to run a full scan using Norton, the free online one, and then Bitdefender, which she has running anyway. Both came up clean.

I didn't speak to the ebay people, but Mrs WmA said they sounded 'pretty confident' that the route was via her email, so maybe they know something we don't.

Good news that whoever got into her ebay account couldn't access Paypal or any of her other payment methods. And good news that I managed to convince her to use properly strong passwords even if they are now written down on paper.

Two Factor on Facebook is much easier if Mrs WilliamA has the Facebook Android/iOS app as they can be used to verify the login attempt. If you want to use another 2FA process/app I highly recommend Authy.

But definitely don't use SMS.

It probably would be easier, but she's happy getting text messages - yes, I know. I shall leave it a week or so until the temperature cools down* and then suggest Authy. In fact, I may start using that myself, thank you!


*her Fitbit has stopped cooperating too and as I am the tech support in the house, the hacking and her Fitbit problems are clearly linked and it's certainly my fault.

I've passed the IP address and login times (from the Facebook alerts) to Sky abuse. They might be interested I suppose, as it's a PC using a Sky address. Took a second look at the alerts and it's definitely her email that was compromised (login was via a code + her email address). Hopefully all fixed now.

"it's a PC using a Sky address."

Might be, ip might be spoofed.

True.