If you’ve logged into your Instagram recently to find a bunch of messages from friends saying “um…I think you’ve been hacked”, welp. Bad news, friend. You have.

In the words of disco legends CHIC, it’s time to “ahhhhh, freak out!”

After all, sending out a whole bunch of spam messages and who knows what to your followers isn’t exactly good for your brand’s reputation

But once you’ve done your freaking out, it’s time to go into damage control mode. Here’s everything you need to know about dealing with a hack – and stopping it from happening in the first place. 

How even in the IG savvy can get hacked

When we talk about people falling prey to scams, we usually think of Grandma giving out her bank details to a nice phone caller. But even those of us who live and breathe all things digital can get scammed. Take IG user Julie Hiles Beauty. She’s been on IG forever, and uses it to connect with clients and as a portfolio for her work. 

One day she got a request from an online friend to vote for her as part of a competition. It seemed legit and real, and she clicked without a thought. Seconds later, she was kicked out of her account, then received a bunch of emails telling her that her email, password, two-factor authentication and username had all been changed. 

She tried to recover her account, but all of the back-up codes were sent to the hacker’s accounts. The hacker was messaging people to spread the fraud, and then started posting on her stories encouraging people to get involved in crypto. She was helpless – she couldn’t get on to tell people not to invest, not to click a link, or not to vote on anything. 

Unfortunately, Instagram fraud security is very poor, and she was on her own figuring out how to get back in. Thankfully there are a ton of user-generated tips out there to help you reclaim your little corner of the social media realm.

Restoring your IG account, post-hack

If you’ve been hacked or locked out of your account, Instagram isn’t going to do much to help you. But if you head to YouTube you’ll see some great step-by-step tutorials on how to handle your situation. 

This one from Ariellevate is a great, comprehensive walk-through. Basically, you’ll need to verify your account using proof of identity via a selfie, and then harden your account by resetting your passwords, two-factor authentication, and your FB login (remember, IG is linked to FB). 

Before you get started, make sure you’ve got some time on your hands so that you can repeat steps if necessary, and have another screen (an iPad or computer) handy just in case.

Basically, you’ll want to:

-Attempt to log into your IG account, then click “forgot password” and “I need more help” option. When on the Recover Your Account screen, try using your phone number or email address (if listed) to recover your account. 

-If that doesn’t work, go to “try another way”, “get support”, then “my account was hacked.” Click the “Yes I have a photo of myself on my account” button, then provide a way for IG to contact you. They’ll send you an email with a security code, as well as a prompt to begin a video verification process. Follow their prompts, then cross your fingers that they approve you – this can take up to 24 hours.

-Once you’re back into your account, it’s time to secure it! Reset your password and your two-factor authentication (you might need to turn this off temporarily if your hacker still has their details on your account). Then using the browser on your computer load up IG, go to Settings, then Account Center, and delete any “linked accounts” that don’t look legit. After that, head to FB and change your password and two-factor authentication details there. You’re done!

Preventing Hacks in the First Place

Whew, you did it, but wasn’t exactly super fun, was it? Don’t put yourself through that again! You need to keep your all-important data safe. From now on:

-Have two-factor authentication enabled. Yes, it’s annoying, but it could save your bacon (and reputation).

-Have a selfie on your account! Selfie verification is almost impossible if you don’t have a selfie posted to your account. Make sure you have a pic of your face somewhere on your grid. (Besides, selfies are a great way to build an authentic online presence!)

-Don’t reuse passwords. Use those impossible-to-remember Google-generated ones and save them in a password management tool. Again, annoying, but worth it.

-Secure connected accounts. Having great security on your IG is worthless if your email and FB aren’t locked up tightly.  

-Don’t click dodgy links! If a friend suddenly asks you to vote for something or invest in crypto, RED FLAG. Chances are they’ve been hacked. 

-Educate your fans! Make sure your fans know what kind of scams are out there, and that you’ll never randomly ask them to click a link or vote on something. Help them avoid the same situation!

Make sure you’re building your email list! I’ve said it a thousand times, but I’ll say it again. You don’t own your social media – or your fans. If you’ve built a solid mailing list and sales funnel, getting locked out of your social media will still suck, but it won’t be an End of Times event.

Need some help managing your brand rep?

Whether you’ve been hacked or are just worried about it happening, let’s talk. As a social media management agency, part of our job is to help ensure that you’re building your online reputation in all the right ways – and keeping your account, and your followers’, safe! If you need to clean up your account post-hack or just want to check that everything is in order, get in touch or follow us on IG for more account safety tips!