Instagram is one of the most popular social networking sites with over one billion monthly active users from all over the world. It’s a fun way to share your best photo moments with friends and acquaintances. The platform also allows you to link your other social sites such as Twitter and Facebook, which is a great way to stay in touch.
Unfortunately, most people tend to take a casual approach to their privacy when it comes to social networking sites.
Maybe you recall how wired editor Mat Honan’s Instagram account got hacked in 2013. In 2017, a Kenyan Socialite, Vera Sindika Instagram account got hacked and her private messages were leaked on Twitter. While these cases may seem to target only high-profile people, the reality is that no one is safe from cyber threats.
You should be very scared when an Instagram account is hacked because yours could be next on the line. Cyberattacks will always be there but you can reduce the likelihood of being hacked by avoiding unnecessary information overload on your social accounts. For instance, why would you share your contact details, home address and life history with a bunch of strangers on Instagram, Twitter or Facebook?
Three Critical Steps To Take For a Hacked Instagram Account
A lot of people end up having their Instagram account hacked for one reason or another. We’ll talk more about those reasons in a bit. For now, just know that whatever the reason, it doesn’t really matter.
Maybe you clicked a malicious login link or maybe your social media manager messed up some of your business accounts. Maybe you were hacked because of suspicious third-party apps. Whatever the case, these are the steps you need to take right now if you have a hacked Instagram account:
Step 1: Contact Instagram To Get Started on the Instagram Account Recovery Process
If you have trouble logging into your account then you’ll have to get in touch with Instagram to regain access. Don’t even think about paying someone on the internet who claims they can get your account back. There’s a huge chance that that person is part of the group that hacked your account in the first place.
In any case, in this step, you have to click the “Forgot Password” button on Instagram. You should see it below where you enter your login details. Click the button to request help with your account.
From the new page, you’ll either have to provide the phone number or email address you used to sign up on Instagram for your account. Once you provide everything the page asks for, you need to click the button that says Send Login Link. Once you do so, Instagram will send you a link. Go to your email account, open the link and then try to recover your Instagram account.
Note:The success rate of this method depends on the hackers. If hackers are experienced and quick then as soon as your Instagram account has been hacked, they’ll go to the Settings menu and change the username, password and email address. They may also be able to change your phone number, your identity details, business contacts and all the other information on your account all without you being aware.
How do you know if this has been done or not? Well, once you’ve gone through the first step and have requested the link, clicking the link should take you to the right page. If it doesn’t or if you can’t get the link or if Instagram says your username is invalid, then hackers have probably succeeded in changing your details. In this case, move on to the next step.
Step 2: Tell Instagram That Your Account Was Hacked
Instagram users can do this for free through the Instagram app or website. On the website, users will have to fill out a form that will ask for account details. Once finished, users should hit the button that says “My account has been hacked.” After that, simply click on the button labeled “Request support.”
Once you’ve done this, feel free to spend some time tending to other business aside from your Instagram account. Hacked accounts will take time to fix, but rest assured that Instagram will pay attention to your request. You could always use the Facebook app or website to talk to people and let them know that you got your Instagram account hacked.
Posting such content on your other social media accounts will take time, possibly enough time for Instagram to get back to you. Once they do, you’ll have to provide them with other identifying information so they can secure the account recovery process.
The process will differ for each individual. Instagram just wants to make sure there’s no suspicious activity going on and that the person requesting access to the account is actually the person who owns the account.
Instagram will send you a security code from their website. Once you get the notification, you need to note down the code and keep it somewhere where it’s easy to recover. Once that’s done, Instagram will want you to take some photos of yourself while you’re holding a piece of paper with the sent code written on it. If you want to increase your chances of success it’s better if you take a selfie.
For hacked accounts, Instagram will also ask you for the phone number you used to sign up with the app. Moreover, you’ll also have to provide the email address you used with the app.
Once you’ve provided all the details, Instagram will start verifying your information. They’ll take a look at your Instagram account pictures and the picture you sent them to move forward.
The procedure we’ve mentioned above is the best way to get your hacked account back since the system is manual and there’s no way for hackers to trick it. Other methods can be hijacked which could lead to your account being lost forever.
Step 3: Keep Note Of Your Instagram Account Activity
You don’t have to look for suspicious activity per se, but it’s always better to keep an eye on things. If you have access to your Instagram settings then you can use the options available there to check the login activity on your account.
Any time someone accesses your account with the right combination of username and password, an event will be generated and registered in your log-in activity. Looking at your log-in activity you can figure out if something suspicious is going on with your account.
Pay close attention to the time and date of all the log-in attempts in your login activity. If someone other than yourself logged into your account, then you should be able to make out the weird timings of log-in attempts. Sometimes the location from which a log-in attempt was made can also tell you a lot about whether or not your account is hacked.
While you’re checking whether or not someone used the Instagram app without your permission, keep an eye out for photos that have appeared on your account that you don’t remember taking or uploading. Similarly, if you usually approve a follower request, take a look at if you have new followers whom you didn’t approve. If you see missing content, that’s a strong sign that your account is hacked and someone is using the delete function on your Instagram content.
Bonus Critical Step 4: Change Similar Passwords
If you know that someone has hacked your account and you’ve also received the notification from Instagram either with the app or email, then you may be tempted to follow the email from Instagram to see if there’s something you can do about it.
You’ll probably go to the page where you click the link that says “I didn’t do this.” We want to let you know that clicking that link is going to do very little if anything in the way of getting your account back. If you do go ahead and click the link, you’ll probably land on the Instagram login page.
This is important:In any case, what you should do is to change the password of every account that you have on any platform with any service that has the same password as your hacked Instagram account. You should never make the mistake of using the same passwords for different services.
We’ll talk more later about how you can secure not just your Instagram account but any account on any service. For now, it should suffice that you shouldn’t even use similar-sounding passwords for different services.
Top Ways Hackers Hack Personal Accounts
They can hack a business account as well. In other words, all Instagram accounts are prone to being hacked if you don’t take care of your account details such as Instagram password and two-factor authentication.
There are three main ways hackers gain access to your account. Let’s take a look at them.
They Steal Your Login Information
“My Instagram got hacked” is the most common phrase Instagram users use when they’re trying to tell their friends that someone hacked their account and they weren’t joking around. It’s also a common search term when people turn to YouTube videos for help.
There are two things hackers love: code and phishing links. We’ll talk about what a phishing link is later but generally speaking, hackers will somehow get a hold of your login details. Each personal story about how hackers stole someone’s information is different, but most of them boil down to the fact that the hacker stole personal information.
Phishing With Fake Login Link
This is a technique that’s very common among hackers. It’s a tried-and-tested way of fooling mobile phone users and desktop veterans into submitting their security code into a fake login screen.
If there’s one situation where a site owner would be better off if they just forgot their password it would be when faced with a phishing attempt.
Phishing attempts are also a problem when hackers send you a legitimate-looking email message. Replying to this email means the hacker gains access to your account without having to hack into it themselves.
We should mention that a phishing attack isn’t just an Instagram problem. It occurs on other platforms as well.
We’ll only deal with Instagram though. Getting back to our example, hackers can easily develop an Instagram login page, send a login page to an unsuspecting user and then wait for the user to use their Google Authenticator and their username and password.
Hackers gain access to all such information at the same time the user inputs them via the Instagram form page. Therefore, you should never try to fill a form that you don’t trust.
Just because you get a notification with a request to visit a certain website, doesn’t mean you have to use it.
If you do so then you’ll definitely get your Instagram hacked. Then you’ll have to recover your account which is a long process we’ll discuss in later sections.
Third-Party Apps For An Instant Hacked Account
Modern hackers don’t have time to wait for you to visit a website or request support for your Windows problems before they can get your credentials, tweak your Instagram settings and then carry out suspicious activity through it.
If you didn’t input your credentials on any suspicious-looking website and yet your account has been hacked, then that’s a clear red flag of hackers using malicious apps to get your information. We’ll talk more about this in a later section but you shouldn’t allow other sites or other bloggers to have unrestricted access to your data or device. Keeping others off your device will help to keep your account safe.
Can You Recover Your Photos if Someone Deletes Your Account?
That’s a tricky question to answer because a malicious actor may delete all your posts or may only delete one specific post without you knowing anything about it. Of course, there’s nothing stopping the malicious actor from deleting more than a single post on your account. The actor can delete your whole account if they like.
We want to let you know that there are steps you can take if that happens to you. Let’s say you got your Instagram account hacked and deleted. In such a case, you have a total of 30 days within which you have to contact Instagram. Once you contact their representative, you’ll have to explain your story and make a request to restore your account. This, of course, is free to do.
Officially, Instagram does keep a record of your data for a period of 30 days. But the company can change that policy any time it wants. Hence, it’s imperative that you act quickly. In the end though, even if you act in time, there’s a high chance your account is lost forever.
There have been many cases where users have submitted requests to restore their account only to not hear from Instagram for months on end. In such cases, the only thing to do is give up the account and open up a new one. Since opening a new account is totally free, you shouldn’t hesitate. Of course, you would’ve lost a lot of capital in terms of followers and brand deals.
You can use the new account and your first post to explain what happened to your previous account. You may also have to connect to your followers in one form or another. You can hire a marketing agency to contact your followers with a tailored email message or reach out to them via social media.
We should also mention here that even though the deletion of your account will cause your data to be lost, if you enabled the Instagram autosave option you could get your posts and photos back. The autosave option downloads your content to your device from time to time, essentially creating a backup. If you enabled this option, you should be able to find the backup on your device.
Why Secure Your Instagram Account?
To Protect Personal Information
Your personal information is meant to be private and shouldn’t be on Instagram in the first place. Unfortunately, sometimes we end up sharing too much private data on Instagram which is why you should shield your Instagram account. If hackers gain access to your private information, they can use it to get into your other accounts. That includes your bank accounts and other areas where sensitive information is stored.
To Avoid Picture Stealing
The last thing you would wish for in life is to have your Photoshopped Instagram picture making the rounds on social media superimposed with funny text or captions.
Prevent crooks from stealing your pictures by securing your Instagram account.
To Avoid Phishing Attacks
Instagram is a good phishing ground for scammers. Some of them pose as your friends but all they want is to squeeze out some private information, which they later use in targeted phishing attacks.
To Avoid Identity Theft Crimes
Identity crimes involve somebody impersonating you in computer crime frauds either by using your hacked account or creating a copycat account that has all your details. This can easily be done by hackers if they have access to your account and can see all of the information stored on it.
Tips for a Secure Instagram Account
Use a Strong Password
A strong password is your first line of defense against cyber crooks. Avoid using obvious guessable passwords such as 123456, username, password and other commonly used passwords.
Use a Password Manager
Making use of a password management application such as LastPass or 1Password is a smart way to secure your Instagram account. If you want to use a password manager that’s totally free and open-source then BitWarden is the way to go.
A good password manager will help you generate a strong password that’s accepted on all sites. It will also remind you to regularly change your passwords and retrieve forgotten passwords hassle-free.
Ensure Your Primary Email Account Is Secure
The easiest way to hack into someone’s social media account is by first hacking their primary email address, then hacking into other accounts linked to it. Ensure your primary email account is secured with a two-factor authentication process. Remember to use a password composed of a combination of letters, numbers and special characters to ensure that it’s as secure as possible.
We can’t stress this enough: if you care about your personal or business account on the Instagram app then you have to enable two-factor authentication. Without two-factor authentication in place, you can forget about keeping your account or app safe from getting hacked.
Note:Keep in mind that even with the two-factor authentication enabled, hackers can still compromise your business or personal account. Without it, hacking an account becomes much easier and you don’t really want to be low-hanging fruit when it comes to keeping away from hackers.
Another misconception we would like to remove here is the difficulty involved in enabling two-factor authentication. One of the easiest things you’ll do in your life is set up two-factor authentication on Instagram. The return on your effort will be immense since you’ll be taking steps to protect your account from getting hacked in the future.
To get the ball rolling, go to the Instagram account settings page. From there, input the code required for confirming the login attempt each time you or anyone else wants to do it from an unknown device or a new location. Instagram is very thorough on this matter as it provides users with two different options to set up their two-factor authentication security protocol.
The first option is for you to use the app and receive a security code on your mobile phone (more specifically, the mobile phone number you used for registering on Instagram). So each time you try to log in from a new device, an unknown device or a new location you’ll receive an SMS code.
The second option is for you to input codes that a third-party authentication app generates. The most common of these apps are Google Authenticator and LastPass Authenticator. Both options provide more security than a setup where you only have to provide a password for a successful login.
Log Out of Instagram on Shared Devices
Sometimes you may be tempted to update your Instagram using your friend’s PC or using a shared computer, maybe at school or work. Remember to log out of your Instagram account and don’t save your password on the browser or anywhere on the device.
Avoid Third-Party Instagram Applications
Although third-party Instagram apps offer great features, always stick to the official Instagram app for Android and iPhones. Most third-party apps are marred with numerous vulnerabilities that risk the security of your Instagram account. Some third-party apps also collect too much unnecessary personal information that jeopardizes your online privacy.
Revoke Access To Third-Party Apps
Some third-party apps request permission to access your Instagram and post on your behalf. Deny such apps access to your Instagram account unless extremely necessary. Some of them have vulnerabilities that will jeopardize the security of your Instagram account.
You have to understand that if you don’t revoke access to shady third-party apps you’ll be putting your photos and posts in danger.
Warning:If you’re not careful about which app has what kind of permission to do what kind of stuff on your account, it could delete a post or add a post without sending you a notification. Similarly, malicious apps will try to access your contacts and messages for free when you aren’t careful about access privileges.
Keep Personal Information Private
Information such as your cell phone number, home address, social security number, employment details and anything else that only you and a couple of other people know aren’t meant to be shared on public sites. Avoid giving out too much private data if you want your Instagram posts and photos to be safe from hacking attempts. Such information can be used in phishing attacks or identity theft crimes.
Block Suspicious Followers You Don’t Know
It’s hard to personally know all your Instagram followers, but you can identify and block those who are up to no good. Watch out for attention-seeking followers constantly posting inappropriate comments on your photos or looking for ways to start a private chat. Some of them could be online scammers.
Pro Tip:If you post something and you regularly get messages for free consulting or free management services, it’s best to avoid them.
Configure Your Privacy Settings
Instagram has powerful customization tools that enable you to control your privacy on the site. Configure your privacy settings to tighten your grip on the amount of private information you broadcast on Instagram.
Avoid Clicking Shortened URLs on Instagram
Some of the shortened URLs are ridden with malware designed to steal your login credentials.
Never Reveal Your Location
A smart way to stay out of harm’s way on Instagram is to turn off the location feature. Avoid mentioning where you took the photo and don’t allow Instagram to use your location to customize your experience. Also, don’t upload photos that capture details such as street addresses which could be used to find your real location.
Manually Approve All Photo Tagging
Imagine being tagged in an embarrassing photo you wouldn’t want your family or friends to see. Avoid such situations by adjusting your Instagram tagging options to give you a chance to manually approve all photo tagging. Go to your Instagram and access the Photos of You option, click on the menu button and select the option to add photos manually.
Conclusion: Instagram Account Hacked
In a nutshell, shielding your Instagram account starts with having a strong password and more importantly keeping your private information to yourself. Like we always say, the web is a potentially dangerous place and it’s the last place you would trust anybody with your private information. Vulnerabilities on the web are inevitable but most of them are created through careless mistakes that could be avoided.
In this guide, we’ve discussed a few practical tips that would help you solve more than half of the security pitfalls on Instagram. Please let us know in the comment section if you feel we’ve left out an important tip that could’ve made it on the list. Also, read more on how to secure your privacy on a highly censored web so that you take the extra steps to protect yourself.