This is old trick but still if you are not aware of this then this is for you. Facebook has added new feature to browse it securely but is not set by default. Facebook has changed without any notification.Take a look at your URL (top box on your screen.). If you see "http" or just "www" instead of "https" you DO NOT have a secure session & can be hacked.To secure your facebook account just follow the below Steps.
Steps to setup
1. Go to Account2. Then Account Settings
3. Then click on Security
4. Check box (secure browsing)
5. Click on Save changes.