Facebook account stolen?

Ok I just tried to login to Facebook and it told me that someone from Gaza of all places had tried to login to my account. I’m at a loss to how they would have gotten that password, I don’t really use it anywhere anymore except for facebook. I have flashblock installed, greasemonkeys no-script, and ad-block. I don’t download random or any exe’s for that matter from the web so wtf.

I guess the next course of action is to immediately scan with malware bytes, my anti-virus which is Eset Nod32, and then get a password service like lastpass changing all my existing passwords to everything. And then maybe nuke my installation from orbit.

had tried to login to my account.

Tried to log in, or was successful at logging in?

If its the former, probably no big deal. A password change never hurts though.

All it told me was that someone had attempted to log in from Gaza and that my account had been locked. My guess would have been yes otherwise why tell me?

Nah, I think your fine, Someone has probably just tried to brute force it and facebook has automatically locked it after too many failed attempts.

I imagine it happens fairly regularly. The kind of info people post on their facebook is also quite often the kind of thing people use as passwords - DOB, country, home town, high school, name of partner or pet, etc, etc. There is probably plenty of wackos that just spend time trying to social engineer their way into someone’s account using easily guessed passwords.

I reckon if they actually got in, you would have received a different message, actually querying or telling you that your most recent login was Gaza, rather than saying ‘attempted’.

Change your password to something nice and secure and you will most likely be fine. If your genuinely concerned your PC may be compromised, change your password from another device - an iphone or ipad would be handy as it would be even less likely to have been compromised by any malicious software - then run your malware checks or nuke it.

Incidentally, upon successful login, my bank always pops up with a message advising if there has been any incorrect login attempts (usually me 30 seconds earlier getting my password wrong), so it is far from unusual for secure sites to be advising of failed attempts and locking accounts as a precaution.