Your social media has been hacked, what do you do next?

Social media pretty much rules our lives, at least for many of us. We go there for daily updates, check-ins, to communicate, check news feeds and get a dose of entertainment. Not only that, we automatically give permission to third-party apps when using social media, and forget about the data we’re sharing. Another thing we forget about is the ability for our social media accounts to be hacked. And when the likes of Elon Musk, Bill Gates, Barack Obama and Kanye West can even have their social media hacked (even in 2020), it’s definitely a good idea to look into what you can do if you ever fall victim to a social media hacking. 

Why do hackers target your social media accounts?

It’s all about the data and personal information that is stored, but cyber criminals and hackers can have various reasons. One of the most common is to sell your information to scammers or other sites, or the hackers may even be scammers themselves. So, in a broader context, hackers are after your confidential information that can be used to scam you, your family and friends.

How can you tell your social media has been hacked?

• The social media account that has been hacked may inform you of a login from an unusual location 

• You receive an email to notify you of your changed login details that you didn’t do

• People message you asking about the weird video you ‘sent them’ or a spammy post that you posted

• You may notice posts have appeared from your account that you haven’t shared or written

• You can’t log into your account, and you haven’t changed your password

• You’ve noticed you’re following quite a few profiles or pages you don’t remember visiting

• People message “is this you?” and show another account using your name and photos

What to do if your social media account is hacked

Whether you can log in or not, make sure you inform your family, friends and whoever should know so they know not to click on anything suspicious and risk their own accounts being hacked.

If you can log in:

1. Log into the account and head straight to the security settings to monitor what devices are currently logged in or when they were logged in. Remove any you don’t recognise, and log out of these sessions 

2. Change your password to a stronger one - many accounts can indicate the strength of your password with a bar underneath as you type

3. Set up two-factor authentication so you have another layer of security when logging in

4. Check for any numbers or emails associated with the account that you don’t recognise and remove them

5. Review your account’s third-party app integrations and permissions, as it’s probably time for an update and clear-out

6. Report it to the social media platform, so they can log it and look into it

If you can’t log in:

1. Try to send yourself a password reset email to recover your account and change your password (follow the steps above once you’re in again)

2. If you’re still struggling to get into your account, report your account as compromised straight away and use the relevant resources and pages of the social media account e.g. LinkedIn has a ‘Reporting a Hacked Account Form’ and Facebook has a hacked reporting page

Make sure you check and update your antivirus software, and read up on your social media platforms’ recommendations on how to keep your accounts safe.

How can you prevent your social media getting hacked?

Luckily, many social media accounts have security features in place. Here’s what you can do:

• You should change your passwords regularly, making sure never to repeat them or create weak ones. See our guide on how to create a strong password

• If you haven’t already done so, make sure all of your accounts have two-factor authentication set up 

• Also, set up a recovery email in case you ever forget your password and struggle to get access, or if you have trouble with your primary email

• In the security settings, you can also set up alerts for logins - that can go to your email as well as your phone - so you can keep tabs on what locations and devices are logging into your account. Here you can review them and take the necessary steps if you don’t recognise a login

• Regularly check your active logged in sessions in the security settings. Here you can see what devices have recently logged in, along with locations. If you’ve visited somewhere and used a device you no longer have, it’s best to remove that device and log out of any other sessions

• Check your emails often for alerts from your social media accounts to keep tabs on suspicious activity. If you haven’t already, have email push notifications set up so you’ll always be informed

• Do not click on any suspicious or spammy looking content, even if it’s from your friends online, as their accounts could be hacked and this is how a hacking chain can happen. If you are in doubt, simply ask them if they’re aware of what they have sent and that it looks like spam. Better yet, try to speak to them in person in case they haven’t got access to their account

• Avoid signing up to third-party integration apps as much as possible. Many may be legitimate, but the more you keep giving permissions to, the more chance of gaining unwanted, spammy hackers

• Get into the habit of logging off after each session, especially if you use a lot of different devices from a range of places

• Use incognito browsers, especially on shared computers

• Password protect your computers, tablets and mobile phones - many smartphones also have fingerprint security

• Regularly use updated antivirus software and do frequent clean-ups on your devices to clear any unneeded clutter or to spot any unrecognisable programs or apps

• If you have children, read up on our guide to internet safety for kids

We hope we’ve given you something to think about when you next find yourself scrolling along social media feeds - which probably won’t be long, it’s so addictive! Just remember to keep a lookout for spammy posts, weird messages, duplicate profiles and suspicious activity. Check your security settings regularly and put extra security barriers in place with login alerts set up. 

And don’t forget to look up from the digital screen once in a while, and remember to keep your physical space secure, too, with a protective home security system.