Wizer Free Security Awareness Blog

Social Media Hacked?! Now What Do I Do?

Written by Ayelet HaShachar Penrod | May 31, 2023 1:45:47 PM

It can be scary when you find someone uninvited has gained access to your account, be it social media, email, financial or other. All is not lost, but as with most incidents, speed is key in taking action to minimize any damage criminal hackers may cause.

This guide will walk you through what to do when you find your social media account has been hacked. You can download this guide below as a PDF to share with friends and family who may need it.

What to do if Your Social Media Is Hacked

Having a hacked account doesn't always mean you're locked out, criminals might just be testing the waters inside someone else's account or gathering information of contacts or personal information. If you see posts on your profile you don't remember posting, or notice your name or birthday was changed or notice your email and password settings were changed then these are good indicators it's time to strengthen your security.

1 - Lost Access? Report It to the Social App

Many social apps offer support for recovering a hacked account and it's important to report it but you should take caution searching online for services that offer to help you get your account back for a fee. These generally are scams by individuals looking to take advantage of your vulnerable situation. Instead, follow the steps provided on the official website of the social app affected. Here are a few direct links to help you get started on the official site for each:

🔗Facebook 🔗TikTok
🔗Instagram 🔗LinkedIn

 

2 - Ask Friends & Family To Report It, Too

It isn't always a straightforward reinstatement of an account once you report your account as hacked. The platform has its job cut out for them to verify whoever can best validate their claim as being the rightful owner. So it is helpful to have friends and family also report the account as hacked to add more validity to your case. 

3 - Ensure a Strong Password is used for your account

Now that you've gotten back into your account, you've probably already had to change your password but make sure you created a strong password - make sure what you've created follows the guidelines for being a strong password. What makes a strong password? Length (currently aim for 12+ characters) + complexity + unique = Strong

If that sounds daunting to keep up with, consider using a password manager and creating passphrases instead of just a jumble of random numbers, letters and special symbols. This guide can give you a simple and easy way to generate strong, unique passwords.

4 - Turn ON MFA for your social Media Account

MFA, or multi-factor authentication, is something you're probably already using to some degree if you have online banking. It's where the account requires you to provide one more step when logging in to prove it's really you - so either you get a text message with a code to your phone or you have to use an authenticator app like Google Authenticator or Authy. 

Using MFA (aka 2FA) is a simple way to give your account security a solid upgrade. It's recommended to use MFA wherever it is available and most accounts offer it now. We have an easy guide to help you find the setting for 16 of the most common apps here to help you get a jump on stronger account security.

And it's important to note that if you choose not to turn on MFA and your account gets hacked again, the hackers could turn on MFA for themselves, and then proving you are the real owner becomes much, much harder. 

5 - Check for Unrecognized Activity in your Account settings

Criminals sometimes like to lurk as opposed to completely taking over your account. To do this, sometimes they will simply add their email as a backup email for the account so they can reset the password if they get locked out from all the new security upgrades you're making.

Or they may add their phone as a trusted device for use with MFA so it's critical after an account hack that you take the time to play detective and check these settings to be sure everything is on the up and up and no one else is hanging out where they don't have permission to be.

6 - Notify Friends, Family, and Work

It may feel uncomfortable but letting friends and family know you were hacked helps to protect them, too.  It gives them the ability to be on alert for any suspicious messages that may have come from the hacker pretending to be you. Notifying your work may seem excessive but if you have colleagues in your social media network or you have work accounts connected to your social media (for instance, if you're a social media manager) then it simply gives everyone a head's up to be extra cautious if they received a message from you that seems off.

Staying safe online isn't a one-and-done event. After you've taken all the steps here to strengthen your account security keeping yourself aware of current scams and best online habits is the best way to keep your online accounts and private information safe. 

Learn some of the common tactics scammers use to compromise your account and ways they try to steal your data on social media with our free Citizen's Guide to Protect Your Social Media more.

Additional Resources:

Email Hacked?! What To Do Next