Ok guys. There’s a wave of people getting hacked on Instagram lately.
I’m going to give you all the information you need.
Let’s talk about:
4 ways to avoid getting hacked on Instagram
Don’t want to get hacked?
Want to know how Instagram accounts get hacked? Or how to protect your account?
Here are 4 things to look out for.
1. Don’t click on sneaky links
This is how most people get hacked on Instagram.
You get a DM on Instagram, Facebook or an email (or anywhere else on the Internet).
And there’s a link in that message.
The message sounds legit, coming from what appears to be a “legitimate” company or a “real” person.
It can even come from your real friend.
But what you don’t know is that your real friend might have got hacked. And the hacker is now using their account to hack you in return (without your friend knowing).
See how sneaky?
Now, you think this is a legitimate message, with a legitimate link.
So you click on the link.
A page opens and it asks you to login to your Instagram account.
The login can be sneaky or fake.
This is how hackers get your Instagram password (or your precious, private Instagram Access Token).
Once the hackers get one of these, they have access to your account.
And that’s how you lose your Instagram account.
So, how can the link be sent to you?
1. Playing games (and the game asks you to login to your Instagram account to play)
2. Direct Message from a friend who got hacked
3. Fake Direct Message (DM) from an Instagram or Facebook account that pretends to be a real Instagram or Facebook employee or team.
They might say: “We can help you get your account verified!” or “You have violated Instagram’s Rules and Policies. Your account will be disabled in 24 hours if you do not reply. Click this link now if you think this is a mistake”.
NEVER click on their link. Instagram will NEVER send you a DM. Instagram will ALWAYS send you an email.
If Instagram wants to contact you, they will send you an email, or message via the “Emails from Instagram” tab in your Instagram settings – which is the only place you will find direct and authentic communication from Instagram on the app.
4. Receiving a fake Facebook or Instagram emailYou could receive an email from a fake Facebook or Instagram email address.
The email address you see that appears as the “sender” could be sneaky and fake.
ALWAYS check the email address it is coming from by revealing the real email address (click on the email address or name you see as the sender to reveal the real address).
If it comes from Instagram itself, the email address should end with …@instagram.com or …@facebook.com or …@support.facebook.com or …@mail.instagram.com). The address has to finish with an instagram.com or facebook.com. It cannot be anything else. If unsure, do not click on any link.
5. Clicking on a fake link
You could receive an email from a brand or person, with a link to click.
The link might appear to be real. But links can be very easily faked.
Here’s how to check if it is a real link:
- Right click on the link
- Copy the link
- Paste it in your Notes app
- You will see what the link truly is
Sometimes, the text of the link in the email appears to be a real link like “https://instagram.com“. Or it can be a different word, like “Click here to see my account”. But in the “backend”, the link is actually something completely different. This tricks you into thinking it is a real Instagram link.
6. Fake brand collaboration
You might receive an email or DM from a fake brand (who appears to be legitimate). And they are inviting you to collaborate.
They might send you a link to their Instagram account, website or for you to set up your profile on their “system”. If you are being asked to login with your Instagram account: Stop immediately.
Check the Instagram login form URL:
- Is it an Instagram.com URL? Or a random URL that is faking an Instagram login form?
- Even if it is a real Instagram.com URL, you have to be careful.
Never log in.
Not all logins are bad.
You just need to know what to look out for.
More about this in Step #4.
2. Update your email address and phone number
Go to your Instagram settings and make sure your email address and phone number are up-to-date.
Your email address and phone number are how Instagram can contact you and send you information to get your account back.
So make sure they are up-to-date.
3. Set up two-factor authentication
Next, set-up your two-factor authentication on Instagram.
“If you set up two-factor authentication, you’ll receive a notification or be asked to enter a special login code when someone tries logging into your account from a device we don’t recognize.”
This is an extra step that makes it harder for hackers to hack your account.
Here is how to set up your two-factor authentication:
4. Beware of third-party apps that are NOT approved by Instagram
Beware when you log into third-party apps and websites.
A lot of third-party apps are reviewed and approved by Instagram itself. So don’t get scared using third-party apps.
They’re not all bad. Only some are sneaky.
The rest are safe and following Instagram’s Policies.
You just need to know what to look out for.
We wrote a comprehensive blog post about how to check if an app or website is APPROVED by Instagram.
The key message here is:
Before you log into a third-party app, make sure it is approved.
This blog post covers everything in detail. So make sure to check it out.
What to do if your account has been hacked on Instagram?
Friend. That sucks but keep calm.
Instagram has a worldwide team dedicated to helping you recover your account. And it can be quite fast.
A lot of people got their account back by doing this.
There are 4 methods.
Method #1. Revert the change
If you got an email from Instagram saying:
“This is a confirmation that the password for your Instagram account changed” and you didn’t change it, click on “secure your account here“.
Method #2. Forgot password
If Method #1 didn’t work:
- Go to your Instagram app login screen
- Tap on “Forgotten password?” (iPhone) or “Get help logging in” (Android)
- Follow the instructions on the screen
- Enter your username, email address or phone number associated with your account
- Select your email address or phone number
- Tap “Next”
- “Send login link”
- Click on the login link you receive via email or SMS
- Follow the instructions
If you don’t receive a security code, tap on “I can’t access this email address or phone number” (it is below “Send security code”), then follow the on-screen instructions.
If it didn’t work the first time, try again, as often as you can. After a while, you might get a different set of instructions or an email by Facebook.com itself.
If you get an email from them, and they say they can’t help you, explain your situation and ask to verify your identity to get your account back.
For example, you can write:
If this method didn’t work, try method #3.
Method #3. Get your Security Code or Submit a Support Request to Instagram
This is the official Instagram process.
You have to wait a little bit, but it works to get your account back.
- Tap “Forgotten password?“
- Type your username or phone number
- Tap “Need more help?” under the “Next” button
- Choose your email or phone number
- Tap “Next“
- Follow the on-screen instructions
- If you still don’t receive a security code, tap on “I can’t access this email address or phone number” (it is below “Send security code”), then follow the on-screen instructions.
Make sure you enter a secure email address that only you can access.
You should receive an email from Instagram with the next steps.
In the email, Instagram will ask you to verify your identity.
They will ask you to take a photo or video of yourself with a paper in both hands, on which you will have hand-written a unique number that they gave you.
Alternatively, they might ask you to take a photo of yourself holding your identification document next to your head (like your national ID or passport).
Once you’ve submitted the video or photo, you will receive an email from Instagram at the secure email address that you provided.
How long does it take to receive a response from Instagram?
For some people, it takes less than an hour to get a response and their account back. For others, it takes a day or more.
1) Be nice in your message. There are actual human beings behind the screens and they are receiving millions of messages. As much as you might want to scream, be nice. A nice message can go a very long way.
2) If they reply and don’t ask you to verify your identity but say: “Your account has been removed” or “permanently deleted” and “we cannot restore your account” – don’t despair. Reply to the email and ask them to verify your identity and credentials.
Say something like:
Method #4. Live chat with a Facebook Rep
This is more advanced. You shouldn’t have to do this method.
Usually Method #3 (above) will work. So wait for a little bit until Instagram gets back to you. Or complete the same steps again once a day, until you receive a positive message from Instagram.
This method (Method #4) should be your last resort.
This method involves running an ad or an Instagram Shop.
Once you have an ad or a Shop, you can get in touch with a Facebook Representative.
If you want to try the ad trick:
Live Chat by clicking on “Getting Started” using this link:
If this doesn’t work, try this:
- Go to Facebook.com
- Open your Facebook Business Page (or create one if you don’t have one)
- Set up an ad, even if it’s just for $5 (like this). If you already have an ad running, go to the next step.
- Once you’ve set up your ad, go to the Business Help Center (here)
- Scroll down to “Find Answers or Contact Support” and click on “Get Started”
- Select “Ads”
- Click “Chat with a Representative”
- Fill in the form. But don’t talk about your hacked account yet. Their job is to help you run your ad. So explain that you are having issues running your ad.
- Send the form. A representative will be assigned to your request.
- Once you are talking with the representative, explain that you cannot run the ad on your account because your Instagram was recently hacked and you need help recovering your account. Say that you are happy to send any information necessary to verify your identity.
- If the rep doesn’t help you, go back to step 7. Each time you lodge a new form, you could get in touch with a different Facebook Representative. Try until someone helps you.
LYFE Marketing shared this video to show you the steps to Live Chat with a Facebook Rep:
If you have an Instagram Shop setup:
This is easy if you already have an Instagram Shop setup.
You can get Commerce Manager support through email or live chat.
- Go to Commerce Manager and select the account that you need help with
- In the Education tab, select Contact Support
- Use the dropdown to choose the topics you need help with
- Write your message
- Select either Chat or Email as your Preferred Contact Method (Note: Live Chat might not be available in all countries yet)
- Select Send
How long will it take to receive an answer?
“If you select Email, replies to your message may take up to 24 hours and are sent to your business email address. (You can change this email address in your Commerce Manager Settings.)
If you select Chat, this opens a conversation in Facebook Messenger. A representative will join the chat soon after.”
I really hope this blog post will help you.
If you have been hacked and get your account back:
Which solution worked for you?
Please share in the comments below so we can help each other out.