Instagram is crucial for designers, serving as a marketing and networking tool that’s key to landing new clients. So what should you do if you’ve had your Instagram hacked? First, don’t panic—you’re not alone. “I’d say it’s common for the average user to get hacked to some degree in their life,” says Matthew Krull, a social media strategist at design-focused communications agency Novità. “I hear more often than not from my friends and colleagues that they’ve experienced some suspicious activity on their account.” But if you’ve had your Instagram account hacked, it’s important to act fast. The quicker you move to recover your Instagram profile, the more likely you’ll be successful. Here are the steps for how to get your Instagram account back, as well as measures you can take to bolster your cybersecurity.
How do I know if my Instagram account has been hacked?
There are some clear signs you may be dealing with a hacked Instagram account. Most hackers immediately change your account’s personal data as a means of kicking you out and preventing you from regaining access to your Instagram. Any time your email, phone number, or password has been changed, Instagram will send you an email alert; that email will come from security@mail.instagram.com. If you didn’t change anything yourself, that’s a sign that a hacker may have gained access to your account. Instagram will also alert you to “suspicious login attempts,” which might be a sign a hacker is attempting to access your account.
Another sign that your Instagram account has been hacked is seeing unusual activity on your feed. Sometimes that’s images, Reels, or Stories appearing on your Instagram profile that you didn’t post yourself, and sometimes that’s your followers receiving direct messages from your profile that you didn’t send. (On that note, if you notice some off-kilter activity on a friend’s page, tell them! You may catch it before they do.)
Can I get my Instagram account back after it’s been hacked?
The short answer: It depends.
If you’ve had your Instagram hacked, it is possible to get it back, but you need to move fast so that the hacker can’t compromise your account further. If you act quickly, you might be able to kick out the hacker while they’re in your account—and, more crucially, before they’ve changed your personal data, deleted your photos, or posted to your profile. That way you can save yourself the trouble of having to recover your Instagram account through a Meta support request.
Receive Insider Tips from AD Designers at the Colors Trends Workshop
But if the hacker has already gone beyond logging in and has changed your account details like your password, email, and phone number, profile recovery becomes a lot more difficult. Depending on how much damage they’ve done, Instagram may be able to help you recover your account. But brace yourself: If your account has been deleted by a hacker, there might be nothing the Instagram support team can do to recover your account.
How do you regain access to a hacked Instagram account?
The answer depends on whether or not the hacker has changed only your Instagram password, or your Instagram password and contact info. Here’s how you can attempt to recover your Instagram account as soon as possible.
Hitting a brick wall at the login screen? Don’t panic yet. If you’ve found that your password no longer works, simply follow the steps for setting a new one, as prompted by the login page on the Instagram app. Hopefully, the login link will be sent to your email account or phone number, and you can use a security code to log back in to your account and change your password. This would be the best case scenario, as you can solve the problem yourself without having to contact Instagram customer service. (That said, it’s not a bad idea to contact them anyway and let them know that your Instagram account has been hacked—the company may point out some helpful security tips to keep your account safe in the future.)
This is where things get tricky. If you’re locked out of your social media account and you don’t receive a password reset link when you request one via the “forgot password” button, a hacker might have changed your email and phone number. Most hackers do this immediately so they can keep control of your account for themselves. They may even hold your Instagram account for ransom and request bitcoin or other plunder for you to get it back. If that’s the case, you’ll need to report the activity to Instagram by following the step-by-step instructions here. They will ask you to verify your identity in various ways, such as taking a video selfie to prove you are who you say you are. This process likely won’t give you immediate access; it could take days or even weeks to recover your Instagram account.
There is a new way to get fast, direct access to support—but you have to be willing to pay for it. Meta has rolled out Meta Verified, a subscription plan that provides both Instagram and Facebook accounts with premium features. Yes, that includes the infamous social media blue check, but it also includes specialized support, identity theft monitoring among them. Right now, Meta Verified is only available for individual accounts, not business accounts, but we wouldn’t be surprised if Meta expands the program in the future. Right now, Meta Verified costs between $11.99 and $14.99 per month, depending on the plan you choose—both include specialized support.
What should you do if you suspect someone is trying to hack your Instagram?
There are a few red flags that may indicate that someone may be trying to hack your Instagram account (or already has). Three key ones: receiving a changed-password email from Instagram that you didn’t trigger yourself, receiving an unprompted email-change request from security@mail.instagram.com, and seeing posts you didn’t make. Here’s how to get help.
If someone attempts to reset your password, Instagram will send you an email informing you of the change. “I take immediate action as soon as I get a notification or email from Instagram letting me know there was suspicious activity on any of the accounts I manage,” Matthew Krull says.
If you receive an email from security@mail.instagram.com that someone has requested to change your password and it wasn’t you, someone may be trying to hack your Instagram account. Report the situation to Instagram via the link in that email, then immediately change your password.
If you received an email from security@mail.instagram.com asking about changing the email address associated with your Instagram account but didn’t make that request yourself, click the link in the message that says Secure My Account. If you are unable to get through the Instagram login page, the scammer may have changed your password. Don’t lose hope yet—you can still get help by requesting a login link or a security code.
But remain attentive when it comes to these Instagram emails: Some messages that appear to be from Instagram could be phishing attempts or scams from hackers that could lead to your account being compromised or malware installed on your device. (We’re putting the correct Instagram email in here again for good measure: security@mail.instagram.com.) The good news is that Meta has developed a function to help protect you from email scams. If you enter the security section of the Instagram app, you can see what emails Instagram has sent you within the last two weeks. Reviewing that data should help you verify an email’s authenticity.
Keep in mind that other messages, like Instagram DMs and WhatsApp chats, can also contain phishing scams. Stay alert!
Be a part of AD’s list of approved design experts.
If you notice photos, Reels, or Stories you didn’t post yourself appearing on your page, or your followers notice strange DMs from your account, you’ve probably been hacked on Instagram. If you’re still logged in, you should change your password immediately, as doing so will kick the hacker out of your account. You should also manually log out of any suspicious devices via your login activity page, as well as revoke access from any third-party apps that might have had a security breach and exposed your login information.
Can you recover your Instagram account if it has been deleted?
In some cases, hackers might delete all your posts, leaving your account barren. Or they might delete your account entirely. If they’ve deleted some but not all of your account, you might be able to retrieve posts by going into the Your Activity section of your Instagram account and selecting Recently Deleted. (Obviously you can only do this once you’ve regained access to your account!) There, you’ll find posts from the last 30 days as well as stories from the last 24 hours. You can then restore those images or videos to your Instagram profile.
But if your account has been totally deleted, you might be out of luck. Instagram itself says, “When you delete your account, your profile, photos, videos, comments, likes, and followers will be permanently removed.” You can create a new account with the same email address you used before, but you may not be able to get the same username.
That said, there is a window in which you can recover your Instagram account. “If someone has deleted your account, you technically have 30 days to contact Instagram to explain that you have been hacked and [ask them] to put your account back up. Instagram claims it stores your data for that long,” says digital marketer Jonathan Simon, director of marketing and communications at the Telfer School of Management at the University of Ottawa. “However, this is a long shot. Once your account is deleted, it is likely gone.”
Interior designer Kristen McGinnis, for instance, was not one of the lucky ones. Three years ago, she found that she was logged out of her Instagram account due to suspicious activity—even though her two-factor authentication was enabled. “Instagram’s account retrieval process includes going through identity confirmation. I submitted this well over a dozen times within a month and received zero response,” McGinnis says. “Sadly, I never received any help, only headache and heartache.”
After a month, McGinnis gave up. She started a new Instagram account and used her inaugural post to explain what had happened to her former handle. She then started the painstaking process of refollowing her former connections, hoping they’d follow her back. Although many of them did, she needed to message others to reintroduce herself. The small silver lining was that her photos were autosaved to her phone. Still, the mishap had a cost. “I lost a few thousand followers, many of whom I will never get back because I don’t know who to reach out to,” McGinnis says.
Even though no method of account protection is completely fail-safe, staying on top of security best practices can hopefully prevent you from having to rebuild your following. You can also download your data every so often in order to keep an archive of your posts, your followers, and even your comments—that way, if you have your Instagram hacked and eventually need to rebuild your account, you have a running start.
What are some ways to protect my Instagram account?
Hacking isn’t limited to high-profile Instagrammers like celebrities and influencers with millions of followers. “Any account can be a target, because if the hackers are successful, they can use the hacked account to try to get important information like credit card numbers, addresses, and PINs from other unsuspecting users,” Simon says.
A strong password is an obvious place to start—and yes, those strings of letters and numbers suggested by Apple’s iOS are pretty safe. (If you’re concerned about remembering all of your logins, a digital password manager can help.) Still, there are a few additional steps you should take to thwart a potential hacking.
Two-factor authentication requires users to enter a security code from an authentication app or your cell phone via text message (SMS) every time they log in to a new device—and it’s a solid deterrent to scammers. Meta offers this service, and you can set it up via the security page in the app.
Keep an eye on your login activity, which can also be found under the security section of the app. There, you’ll see all the devices that your Instagram account is currently logged into, plus their geographic locations. If you see suspicious activity here, you can log out of those devices from your current one.
Granting third-party apps access to your account is an easy way to share content across different platforms, but it does come with some level of risk: Hackers can break into those apps and steal your Instagram login info. Head to your security settings, then click Apps and Websites to see what other apps have access to your Instagram account. Keep an eye out for any big data breaches that might affect those apps—if one happens, you’ll want to change your password immediately.
Though this measure won’t necessarily protect your account from hackers, it does give you a chance to save all your photos to your phone in the event you have your Instagram hacked and deleted. In the app, click on Settings, then Account, then Original Photos (iPhone) or Original Posts (Android), and make sure that Save is toggled on.
