Instagram hacked? 4 ways to get your account back

“Instagram hack”: Two words that usually conjure images of artsy crafts, not digital nightmares. But if you’re facing the latter, don’t fret. Here’s a step-by-step guide to reclaiming your Instagram account if it’s been hacked, so you can restore sanity to your feed.

Jump to…
How you can tell if your Instagram is hacked
How to get your Instagram account back after it’s been hacked

• Step 1: Check if you can still sign in with your password
• Step 2: Check your email to undo account changes
• Step 3: Recover your account through the app
• Step 4: Request help directly from Instagram

What to do if a hacker has deleted your Instagram account
Are you at risk of getting your Instagram hacked?
How hackers gain access to Instagram accounts
The best ways to protect your Instagram account

How can you tell if your Instagram is hacked?

Before you can take action to regain control of your hacked Instagram account, it’s important to first identify whether your account has actually been compromised. 

Here are nine of the most common red flags signaling an Instagram hack:

1. Unauthorized posts or activities: If you notice posts, comments, or direct messages that you didn’t create or send, it’s a clear indication that someone else might have access to your account.
2. Unusual account behavior: If you receive notifications for actions you didn’t perform, such as following unfamiliar accounts, liking unrelated content, or making unexpected changes to your profile, it’s a red flag.
3. Sudden drop in followers or engagement: Hackers might make changes that lead to a decrease in your follower count or engagement metrics, such as blocking your followers or changing your content.
4. Email or password changes: If you receive notifications about changes to your email address, phone number, or password that you didn’t initiate, your account might be compromised.
5. Suspicious login attempts: Getting notifications about unfamiliar login attempts? Someone might be trying to break into your account.
6. Inability to log in: Hackers are known to act swiftly, often changing your account’s personal information right off the bat to kick you out. If you find yourself suddenly unable to log into your Instagram account, despite entering the correct credentials, it’s possible that an unauthorized person has taken control.
7. Unfamiliar devices: Instagram provides information about the devices that are logged into your account. If you see devices you don’t recognize, your account may have been accessed from an unauthorized source.
8. Unusual activity on your feed: Random images, Reels, or Stories appearing on your profile are a sure sign someone else is at the helm. 
9. Dodgy DMs and suspicious links: If your friends are complaining about weird messages from your account containing unknown links, a hacker could be using your identity for malicious purposes.

Can I get my Instagram account back after it’s been hacked?

In short: Yes. As long as you move fast. The quicker you take the necessary steps to reclaim control of your Instagram account, the higher the chances of a successful recovery. 

Step 1: Check if you can still sign in with your password

If you notice one or more of the warning signs above, try to see if you can still sign into your account. Some hackers crack into social media accounts without changing their passwords. This could be because they were able to access your account even though they did not have your password (such as if they did so while borrowing your phone).

If you’re able to log in to your Instagram account, or you’re still signed in to Instagram on one of your devices, immediately change your password to kick the intruder out before they mess with your personal info, wipe out your photos, or post who-knows-what on your profile. 

Here’s how to do it:

1. Once logged in to your Instagram account, head to your profile
2. Navigate to the hamburger menu icon ≡ in the top right corner 
3. Select Settings and Privacy from the dropdown menu 
4. Tap Accounts Center
5. Under Account Settings, tap Password and security
6. Select Change password and then choose the Instagram account to make changes
7. Follow the prompts to create a strong, unique password

Then, ensure any intruders are kicked out of your account

1. On the Password and security menu, tap Where you’re logged in 
2. Tap any device that looks suspicious and tap Select devices to log out

If you find yourself logged out of your account and unable to get back in (i.e., the hacker has changed your password or other details), you can try the other methods below.

Step 2: Check your email to undo account changes

If a hacker is attempting to change your password, you may have received an email from Instagram (via security@mail.instagram.com) alerting you that your email address has been changed. If you act quickly, you can undo this change by selecting the Secure my account hyperlink in the email. 

Step 3: Recover your account through the app

If you discover that the hacker has successfully changed your password, as well as your email address for account recovery, follow the steps for setting up a new password via the mobile recovery option: 

1. On the Instagram login page, tap Forgotten Password?
2. Select Search by mobile number 
3. Input your cellphone number, then tap Find Account  
4. You should receive an SMS with a password reset link 
5. Follow the prompts to change your password

If the hacker has already gone beyond just logging in and has messed with your account details like passwords, email, and phone numbers, things get trickier. Depending on the depth of the breach, Instagram can help you regain control of your account. 

Step 4: Request help directly from Instagram 

If hackers are holding your account ransom or have locked you out completely, and you have no way to retrieve your password, you’ll need to report your account getting hacked to Instagram directly. The social media platform offers a few options to recover your hacked Instagram account. 

For example, if your Instagram support request is for an account that hasn’t got any photos of you, Instagram will ask you to provide the following information to verify your identity:

• The email address or phone number that you used to create the account
• The type of device that you used to create the account 

Alternatively, if you submitted a support request for an account with photos of you, Instagram will ask you to take a video selfie of you turning your head in different directions. This is to ensure that you’re a real person and that you are the rightful owner of the account. 

This process might not yield instant results (it may take days or even weeks), but by closely following these steps, Instagram will likely give you control of your account back.

What to do if a hacker has deleted your Instagram account

In certain instances, hackers may take control of your Instagram account and proceed to erase all of your posted content, rendering your profile empty. Alternatively, they might go a step further and completely delete your account.

How to retrieve deleted posts on Instagram

You will only be able to retrieve deleted posts once you’ve successfully regained access to your account. First, access the Your Activity section within your Instagram profile and navigate to the Recently deleted option. It’s here that you’ll find posts from the last 30 days, as well as stories from the past 24 hours. You can then restore these images and clips to your Instagram profile. 

Retrieving a deleted Instagram account

If you believe a hacker has permanently deleted your Instagram account, contact Meta, Instagram’s owner, immediately. This is because when you decide to permanently delete your Instagram account, the platform holds onto your data for about 30 days. So, if a hacker takes control and deletes your account, you’ve got roughly a month to report the situation to Instagram. If you miss that window, your account will likely be lost forever, along with your profile details, photos, videos, comments, likes, and followers. 

Who’s at risk of getting their Instagram hacked?

While anyone is at risk of having their Instagram account hacked, there are certain people who are more likely to be targeted. These include:

• Those with a large following: Accounts with a lot of followers are more valuable to hackers, as they can use them to spread spam or scams.
• Influencers: Hackers may target influencers in order to gain access to their personal information or to use their accounts to promote their own products or services.
• Businesses: Business accounts can be hacked to steal customer data or to damage the company’s reputation.
• People who use weak passwords or reuse passwords across multiple accounts: If you use a weak password or reuse the same password for multiple accounts, it’s more likely that your Instagram account will be hacked.
• People who click on phishing links or install malicious apps: Phishing links and malicious apps are common ways that hackers gain access to people’s accounts.

Cybercriminals target social media accounts for personal info. Once hackers are in one account, they exploit it to breach others. They deceive victims’ contacts, share fake content, harmful links, and seek money. This is why accounts with many followers are more attractive—they could extend the hacker’s reach to more people. 

Instagram accounts present a potential for extortion, where attackers demand payment in exchange for regaining control of compromised accounts. The risk is further amplified by the fact that other specific social media services, such as Facebook (that are linked to one’s Instagram account), can act as gateways to more sensitive platforms like e-commerce sites that contain credit card details. Compromised accounts are also frequently sold on the dark web.

Read more: How much is your data worth on the dark web?

Instagram’s growing popularity has led to a surge in hacking attempts on the platform—in fact, it has the highest risk of unauthorized access among social media platforms. Recent market research from Gitnux reveals concerning statistics: 85% of Instagram accounts have experienced some form of compromise, whether through hacking or data leaks. 

Among these cases, 70% of victims were locked out of their accounts, and 71% had hackers reaching out to their friends using their compromised accounts. This issue is particularly concerning considering Instagram’s substantial user base, which exceeds 1.35 billion people, solidifying its position as the world’s fourth most utilized social media platform.

How do Instagram accounts get hacked?

Hackers usually employ a range of tactics to gain unauthorized access to a person’s Instagram account, exploiting users’ trust and vulnerabilities. Here are six of their most commonly used tactics: 

1. Posing as friends: Hackers impersonate friends to lower victims’ guard, leading them to click malicious links. Nearly half of account takeover victims have clicked on links in direct messages from people they know.
2. “Get-rich-quick” scams: Cybercriminals entice victims with promises of wealth through cryptocurrency or investment scams, getting them to inadvertently click on links that contain malware. 
3. MITM attacks: Using unsecured Wi-Fi, attackers perform man-in-the-middle attacks to intercept transmitted information, potentially stealing passwords.
   
4. Bait and switch attacks: Victims receive links to fake Instagram login pages. When credentials are entered, scammers gain control of the account. (Read more: Signs a shopping website is fake)
5. Data leaks: When personal information is exposed due to breaches in other online platforms, hackers can leverage this information to attempt unauthorized access to Instagram accounts. 
6. Link vulnerability: Linking Facebook and Instagram accounts can expose both platforms to attacks. A breach in one account can lead to compromise in the other.

Knowing these tactics is key to boosting your Instagram security and keeping your online presence safe. However, staying informed is only part of safeguarding your Instagram account.

How to prevent your Instagram account from being hacked

If you want to thwart potential hackers, there are a few additional steps you can take:

Create a strong password

Use unique, complex passwords for all your accounts; using a password manager is helpful for this. If you repeat passwords, someone who finds out one of your passwords (such as in a data breach) would be able to try it on all different accounts.

Opt-in for two-factor authentication (2FA)

2FA adds an extra layer of security to your account by requiring you to enter a code from your phone each time you log in.

Be careful about what links you click on

Hackers often send phishing emails or DMs that contain links that, when clicked, will take you to a fake website that looks like Instagram. Once you enter your login information on the fake website, hackers can steal it.

Monitor login activity

Regularly review your login history to spot any unusual devices or locations. If suspicious activity is found, log out of unfamiliar devices immediately.

Revoke access to third-party apps

You may have given third-party apps access to your Instagram account in the past, such as a scheduling app or a follower checker. Check your settings regularly to make sure you only have access granted to apps that you trust.

Enable autosave

Turn on autosave for your original photos/posts to your device. This won’t prevent hacking but ensures your content is saved in case of an account compromise.

Avoid Facebook logins

Create separate logins for each account instead of linking Instagram to Facebook to prevent a domino effect in case one credential is compromised.

Activate security notifications

Enable alerts for login attempts from unfamiliar locations or IP addresses.

Use a VPN

Turn on a VPN like ExpressVPN to encrypt your internet traffic, keep your location private from Instagram, and safeguard against interception of your credentials on unsecured Wi-Fi.

Avoid public Wi-FI

Avoid signing in to your social media accounts on public Wi-Fi. If you do, make sure you use public Wi-Fi with a VPN. 

Keep your software up to date

Instagram regularly releases security updates to patch vulnerabilities that hackers could exploit. Make sure to install these updates as soon as they are available.