You get a message from your friend asking why you’ve posted weird stuff on Facebook, or a relative asks why you’re trying to sell them investment brokerage services on Instagram. At first you’re confused but then it slowly dawns on you: you’ve been hacked.
The worst thing about social media hacks is that you almost never realize it’s happened until after the fact. Other people notice suspicious activity from your account and tell you about it. You’re often the last one to know you’ve been hacked.
Social media hacking is a big problem
Hacking on social media networks is common. Social accounts can be a treasure trove of information that cybercriminals can sell or use to extort you. A look at some numbers shows just how big of a problem it is:
- Between June 2017 and April 2018, 533 million Facebook users had their data stolen.
- In July 2020, 130 high-profile Twitter accounts were compromised to promote a bitcoin scam.
- In January 2021, a SocialArk data breach exposed 214 million social media accounts.
- In August 2020, an unsecured database exposed 235 million Instagram, TikTok, and YouTube profiles.
Your account could easily be one of the millions that gets compromised in a big data breach. If you’re not careful, hackers could go after your individual profile too.
Why do hackers want your social media accounts?
There are plenty of reasons why someone might want to hack your Facebook, Twitter, Instagram, or LinkedIn profile. It could be a friend or acquaintance playing a joke on you. It could be an ex who wants revenge. It could even be corporate espionage.
For the most part, though, social media hacking isn’t personal.
Hackers want to break into your account so they can make money off you. They do this in two ways:
- They gather information like your name, address, phone number, or birthday and sell it on the dark web to other hackers and cybercriminals.
- They hold your account ransom and demand payment if you want access again.
Signs your social media account is hacked
Social media hackers are sneaky. They don’t want you to know right away that your account has been hacked. That way, they can do as much damage as possible before you have a chance to fix the situation.
Still, there are signs you can watch out for. You don’t have to suspect that you’ve been hacked to look for these indicators, either. Make a habit of keeping an eye on your social media accounts as a preventive measure.
Look for these signs:
- You get an email confirming a password change that you did not make.
- You are unable to log into your account with your usual password.
- Your account is following people you don’t know all of a sudden.
- Friends and family are receiving messages from your account that you did not send.
- There are posts on your account that you did not make.
- Another account is using your name and photos.
What you should do if your social media account is hacked
Once you’ve confirmed that your social media account has been hacked, you need to move quickly. Take the following steps to minimize the damage.
1. Run a malware scan on your device.
If you’re not quite sure how your account was broken into, it’s possible you clicked on a malicious link. You may have downloaded malware onto your computer or mobile device without knowing it. Before you do anything else, run a scan on your device with a reputable antivirus and antimalware service. Some good examples are:
- Norton 360
- McAfee
- Bitdefender
- Malwarebytes
- Avast
If the scan detects any malware, delete it and then restart your device.
2. If you can log in, change your passwords.
If you can still access your social media account, change the password immediately. You might use the same or similar passwords for other accounts, so change those too. This is a great opportunity to start using a password manager if you don’t already. Your passwords should be at least 12 characters long, ideally 16. They should be a random series of letters, numbers, and punctuation marks. Of course, that’s impossible to remember, which is why you need a password manager.
3. If you cannot login, report.
Social media sites have processes in place to help people regain access to their accounts. If you think you’ve been hacked and cannot log into your account, report it to the website. Here are the links to report and restore hacked accounts for each major social networking site:
What to do once you regain access to your account
Confirming and reporting your compromised social media account are only a few steps in this process. After you’re able to log into your account again, you have some security check-ups to complete as well. Take the following steps:
1. Check your security settings
Go through your account’s privacy and security settings to make sure nothing has changed. This is also an opportunity to improve your account’s security if you were lax about it before. Set your account to “private” mode so it doesn’t appear in public searches and so you have to approve new followers. On Facebook, you can also set your account so that only friends of friends can send you friend requests.
2. Turn on two-factor authentication
Ideally, all of your online accounts should be set up with two- or multi-factor authentication. The most common way to do it is by receiving a text message with a code to your phone. It could also be a security question you have to answer.
3. Remove third-party app access
When you sign up for a new app, game, or service, you may have the option to sign in with a Facebook or other social media account. If you always choose this option, then you may be surprised to find a long list of third-party apps you’ve given access to your account. The information you have on your social media account is shared with these apps, putting your sensitive info in even more places on the web. If the third-party app gets hacked and has access to your account, then your information is exposed. Remove these apps from your social media accounts or revoke third-party access altogether.
4. Do damage control
It’s possible the hacker sent direct messages (DMs) or created posts with your account. Look at your inbox to see who received DMs from your account and if the messages “you” sent them contain links. Warn these people not to click on any links that came from your account during the time the hacker had control of it. Also, check for posts from your account that you didn’t make and delete them. By looking through these messages and posts, you can start getting an idea of the personal info the hacker might have exposed.
5. Report potential identity theft
If, after your checks, you suspect the hacker may have gotten a hold of your Social Security number or used your name and date of birth to apply for government benefits or file federal taxes, you should report it at IdentityTheft.gov.
Tips for preventing social media hacks
Of course, the easiest way to deal with a social media hack is to avoid having a hack at all. A few preventative steps can make your account safer and less of a target.
Be careful about sharing your information
Don’t send your usernames and passwords for your social media accounts over email or any messaging service. If you need to share account access with someone, consider using a password manager like LastPass that lets you send credential info securely.
Keep everything updated
Your browser, operating system, and security software (firewalls, anti-virus software, etc.) should always be updated with the latest versions. Developers release patches to known security vulnerabilities with these updates so if you forgo one and a hacker gets into your social media account, you could be left vulnerable.
Avoid public computers and Wi-Fi
Try not to sign into your social media accounts on devices that other people have access to. If you absolutely need to, though, don’t let the browser remember your password and log out when you’re done. There are many pitfalls to using public Wi-Fi as well, and a hacker can easily spy on whatever you’re doing with your device if you connect to a public network — including getting your social media account password.
Sign up for apps with your email address
Don’t use your social accounts to sign up for new services. The more third-party apps have access to your account, the greater the chances that you’ll get hacked.
Vet the software you use
Never download software you’re unfamiliar with. Read reviews online and check the program out thoroughly before downloading. Also, only download software and apps directly from the developer’s website or, on a mobile device, from the App Store or Play Store. Be wary of free downloads because they could come with malware.
Do regular security checkups
Getting hacked shouldn’t be the only time you review your social media account’s privacy and security settings. Most networks don’t send you reminders to review these settings, unless there is an update. Set a reminder for yourself to check out your account’s security every six months or so.
Staying safe on social media
Many of us can’t imagine life without social media. One sure-fire way to avoid getting hacked on social media is by not having social accounts at all. But social media is so ubiquitous that it’s not an option for most people. If you’re going to be on social networks, at least be careful. Take precautions so that you don’t become a target, and be careful about the information you share.
Chris Parker
Latest posts by Chris Parker (see all)
- Common Privacy Risks in the Digital Age - June 13, 2024
- Beware of Credit Card Skimmers - December 12, 2022
- What to Do If Your Social Media Has Been Hacked - May 16, 2022
Leave a Reply