Maybe you have 100 followers or maybe 100,000, but that sinking feeling when you realize your account has been hacked is universal. Instagram hacks come in several different forms — some post new content to your followers, while others change your email address, password, and username to lock you out completely.
If you find yourself the victim of an Instagram hacking (like in the recent one that switches your email address to a Russian one), here’s what you can do to get your account back.
If You’ve Been Hacked, But Can Still Log In
If someone else is posting content to your account, but you can still log in, there are a few things you can do to make sure you’re the only one with access. The first step is to change your password — either within the settings or by sending yourself an email to reset the login.
After you’ve changed your password, check third-party access to ensure the black hat hacker (someone who hacks for personal gain or something nefarious) isn’t posting from another source. Logging in with your Instagram information from third-party apps allows you to do things like automatically add your Instagram photos to your website, but depending on the third-party app, it could be a spot for vulnerabilities. Log into your account on a computer via an internet browser; on your profile page, tap the settings icon (the one that looks like a gear), then tap “authorized apps.” On the next page, click on “revoke access” to any apps that you don’t recognize. Or, revoke all access and go through the permissions process again for the apps that you actually use.
If You’ve Been Hacked, But Can’t Log In
Fall victim to a more devious hacker? Many hackers will change your password so that you have a hard time getting into your account. On the login page, tap on the “get help signing in option” to go to the reset password page. You can use the original email or username here.
The process varies slightly by the device you are using — on Android, you’ll need to tap the arrow icon in the top right after entering your username or email. On iOS, there’s no such arrow and you go right to the next step. Tap on “Need More Help” and the app will walk you through the rest of the process to recover your account by using the email or username to recover the account.
What do you do if hackers changed your email address?
The most nefarious hackers won’t just change your password — they’ll change everything, including your username and the email address associated with your account. And if you don’t have access to the email linked to your account, you can’t actually follow any of the above steps. (Well, you can, but you’ll just be sending a password reset email to whatever email address the hacker attached to your account).
Re-gaining access to a completely hacked account isn’t impossible, however. The first step is to see if you have an email inside the email account that was originally linked to your Instagram. When you or a hacker submits an email change request, you’ll receive an email from Instagram; inside this email is a link to click on if you didn’t actually request a change to your email. Check your junk mail and recently deleted emails if you can’t find it. (See image on the right as an example.)
If you have the email, that link is the easiest way to regain access to your account. Some readers, however, are reporting hacks that also gained access to email and deleted that message from Instagram. So what happens if you don’t have that email and the hacker changed all your information?
Instagram has two additional options along with the login help page. First, if you’ve linked your Instagram account to Facebook, you can use Facebook to change your Instagram email. If you linked your Facebook page to your Instagram account, you can reset your password with Facebook. On Android, tap “get help signing in” on the login page. Select the “log in with Facebook option” and use your Facebook credentials to log into your account. On an iOS that’s already signed in to the Facebook app, click the link with the Facebook icon that says “continue as” with your Facebook username. Once in, you can go to the settings page to adjust your email and password.
Instagram will also text you a link to get back into your account, an option for Android and iOS that works only for users that added a phone number to the account. On the login page, tap “get help signing in” then tap the phone option and type in the phone number on your Instagram account.
How to keep your Instagram safe from hacks
Re-gaining access to your account can be a nightmare, especially when the hacker changes the data normally used to recover the account. So, once you’re back into your account, or before you fall victim to hacking in the first place, what can you do to help keep your Instagram safe?
First, turn on two-factor authentication. While not 100 percent fail-proof, the feature is easy to set up and can be a big deterrent to hacks. On your Instagram profile page, access the settings menu (the icon that looks like a gear — on the app, you can find it after tapping the menu icon with three lines). Inside the settings menu, select two-factor authentication under the privacy and security options. Turn the feature on to get a confirmation code texted to you when you try to log in using a new device. You’ll have to add a phone number to your account if you haven’t already, but adding a phone number is also another way to recover a hacked account.
Hackers can also easily access your Instagram if they gain access to your email account — so make sure both your Instagram and your email have strong passwords (that aren’t the same). Change your passwords often and only authorize third-party apps that you absolutely need and trust.