Hacked on Instagram? Here’s How to Get Your Account Back
Deep breath. You can recover an account that's been hacked on Instagram. Here's how to do it—and protect your profile from hackers.
There’s a new kind of Instagram takeover these days—and it’s not one that you ever want to try. Since October, the Identity Theft Resource Center (ITRC) has seen a sharp rise in the number of people who were hacked on Instagram and lost control of their accounts. A division within New Jersey’s Office of Homeland Security and Preparedness issued a similar warning in late 2021.
While Instagram accounts are sometimes hacked by a person you know IRL (say, an ex), more often the hacker is a cybercriminal. What’s in it for them? “They’ll post a link that they’re hoping your friends click on,” says Samuel Mulder, PhD, an associate research professor at Auburn Cyber Research Center in Alabama. “The link will likely contain malware [malicious software] they use to steal data and sell it.”
Posts with links to fake bitcoin investments are the latest online scams used by these cyber bad guys, according to ITRC. (They’re up to no good on Facebook, too, so learn how to recover a hacked Facebook account.) It’s way easier to take steps in advance to ensure your online security than it is to deal with the aftermath.
Luckily for you, we’ve got the details on how to safeguard your account and what to do if you’re hacked on Instagram. While you’re at it, learn how to tell if your computer has been hacked and how to tell if someone blocked you on Instagram, plus get the answer to your burning question: Can you see who views your Instagram profile?
Reasons you’ve been hacked on Instagram
A data breach is most often the origin of your Instagram woes. If an online store with less security than Instagram—maybe that cute little shop you bought a gift from over the holidays—is compromised, hackers could get ahold of the email and password you use on that site.
“Since people tend to reuse a password, there’s a strong possibility that the password you used for the online retailer is the same one you have for Instagram,” says Mulder. (And that could just be the tip of the iceberg: Here are more alarming things hackers can do when they have your email address.) Hackers use programs to plug in the passwords, and just like that, you get hacked on Instagram. Lesson learned: Don’t reuse passwords, and definitely select good passwords to begin with.
Your account may also have been breached when you clicked on a link in a message. Doing so could’ve installed malware on your device or diverted you to a fake Instagram log-in page, where you entered your credentials. Fake ads could even be the source of the problem, so be sure you know the signs an Instagram ad can’t be trusted.
A less likely route: Someone you used to be friends with knows your Instagram password and simply logs in to spy on you. Perhaps you’ve blocked them on Instagram or set up your account as private. If they’re one of your followers, they might want to see what you’re posting only to your close circle of friends.
No matter what caused the hack, you need to act fast.
What are the signs that your Instagram has been hacked?
If a cybercriminal hacks your Instagram, it’ll be obvious. Your first tip-off might be friends texting you about something out of character, like a bitcoin deal, that was posted to your account. Or you might notice something’s wrong when you open your Instagram app and are prompted to enter your password. If your password doesn’t work, a hacker probably changed it, locking you out of your account. In the worst-case scenario, your account might simply vanish because a hacker deleted it.
On the other hand, you may not know something’s up right away if your ex is the perpetrator. In fact, to keep spying on you, the hacker won’t do anything that looks suspicious. You can do some sleuthing, though: Tap the stack of three lines in the upper-right corner of your profile, then tap “Your activity.” From there, you can review data such as time spent on the app, posts you’ve liked, comments you’ve made, and links you’ve visited to be sure nothing is out of the ordinary.
If you’ve enabled notifications from unrecognized logins, Instagram will give you a heads-up that someone has logged into your account from an unexpected place. But don’t panic over every notification: You may receive one if you’re logging in from a different place (say, you’re using the Wi-Fi at your vacation rental) or have a satellite Wi-Fi connection. And on that note, check out these places where you should never use free Wi-Fi.
How to recover your hacked Instagram account
At the first sign you’ve been hacked on Instagram, you’ll need to work fast. You may be tempted to try to locate Instagram’s phone number—it’s 650-543-4800, by the way—but since it’s entirely automated, you’re better off following the plan below instead. If you still have access to your account, change your password immediately, advises Mulder. Locked out? Then follow these steps:
1. Check your email
Be sure to log into the email account you used when you set up your Instagram way back when. Look for a message from [email protected] It may alert you that someone logged into the account and changed your email address. By selecting “Revert This Change” in the message, you might be able to have the account reset to your original email and log in.
Of course, before you click a link like this, make sure you know what phishing is and how to spot a phishing email. The last thing you want is to stumble upon a phony email from Instagram and invite malware onto your computer.
2. Request a log-in link
If you have no luck with the first step, ask Instagram to email or text you a log-in link. If you have an Android phone, tap “get help logging in.” On an iPhone, tap “Forgot password?”
Enter the username, email address, and phone number associated with your account. Select your email address or phone number and tap “Send login link.” Once you get the link, click on it and follow the instructions.
If you’re not sure of the email address and/or phone number you used for the account, tap “Need more help” and follow the directions.
3. Ask for a security code
If the log-in link doesn’t do the trick, the next step is to request a security code. Enter the username, email address, or phone number associated with your account, then tap on “Need more help?” Select your email address or phone number, then tap “Send security code” and follow the instructions.
4. Verify your identity
For further help, or if a hacker deleted your account entirely, you’ll need to provide some additional info. If your hacked account contains photos of you, you’ll be asked to take a video selfie to confirm you are who you say you are and that you’re a real person.
The review process generally takes up to two business days. If you pass the review, you’ll receive a link to reset your password. Don’t worry, the video selfie will never be posted to your Instagram and will be deleted within 30 days.
How to prevent your Instagram account from being hacked
As you can tell, it’s an unnerving and huge hassle to be hacked on Instagram. Fortunately, you can quickly level up your account’s security, so hackers get stymied during a break-in attempt, says Mulder. Take the three steps below to ensure your account is as secure as it can get.
1. Change your password
Not only should you change your password as soon as possible, but you should make it a strong one. Skip any passwords you use on other sites. Instead of a single word, Mulder suggests a phrase or sentence, which is harder to hack. So if you were considering “Swiftie0708,” opt for”Taylorswiftismyjam” instead. Better yet, swap out some letters for numbers and symbols: “[email protected][email protected]”
Make sure it doesn’t appear on this password list or follow a format that makes it easy for hackers to guess, such as using sequential numbers or simple phrases like “qwerty.” Worried you’ll forget a complex log-in? Mulder suggests installing a password manager, which will hold all of your complex passwords and require only a single master password for access.
2. Enable two-factor authentication
When it comes to your online security, it’s crucial you know what two-factor authentication is. This security feature ensures that you need more than a password to access your account.
After you enter your password, Instagram will text you a security code, or you’ll receive one from a third-party authentication app, such as Duo Mobile or Google Authenticator.
3. Don’t share your password with anyone
Suppose you’re at your partner’s house and realize you forgot your phone. You want to check your Instagram, so you ask if they can just plug your info into their phone for the time being. Fast-forward three months, and your partner is now your ex. They know your password and are tempted to use it to keep tabs on you.
Moral of the story: If you ever feel so compelled to give out your password, change it the first chance you have.
Now that you know what to do if you’re hacked on Instagram and ways to make your account more secure, it’s time to educate yourself about other cybersecurity issues, including spyware and doxxing. The more you know, the less your risk of falling prey to hackers.
- Identity Theft Resource Center: “ITCR: Bitcoin Scams Lead to Hacked Instagram Accounts”
- New Jersey Cybersecurity & Communications Integration Cell: “Increase in Reports of Hacked Instagram Accounts”
- Samuel Mulder, PhD, associate research professor at Auburn Cyber Research Center
- Instagram: “Hacked Accounts”