For many of us online, social media is how we unzip our tent flaps and enjoy the beauty of the online world. Social media is how we communicate with friends and family (and remember their birthdays). For some of us, it is an integral part of our business. Losing control of a social media account is like annoying hacker mosquitos invading your digital tent!
When a cybercriminal takes over your socials, they can pretend to be you online and have access to your sensitive personal data. If you’ve lost control of a social media account, here are our tips to get it back.
-
Determine if you’ve truly lost control of the account.
Don’t take any unexpected urgent message about a social media hack at face value, but it is something to investigate. Also, a friends might say that your profile is making posts or sending messages that seem strange, like posting about a deal on sunglasses.
Try to log into your social media account. If you can, immediately do the following:
- Reset your password, and make it unique to the account, at least 16 characters long, and a mix of letters, numbers, and symbols.
- Enable multi-factor authentication, which adds a whole new level of security to your login beyond your password.
- Report the incident to the platform – you can even use screenshots as evidence.
- If you’ve reused the old password for any other account, change those passwords. Start using a password manager to generate and store all of your special, extra-strength passwords.
-
Contact the platform.
If you cannot log into your account, you need the social media platform to help you.
- See if you can report the account takeover through the platform’s website.
- Call the social media network’s customer service line if they have one.
- Follow instructions on the platform’s “forgot my account” or “account recovery” webpage.
If contacting the platform doesn’t work initially, be persistent. Unfortunately, social media platforms aren’t known for their customer support. Take screenshots of anything your hacked profile posts, or have your followers record evidence, so you can better explain the situation to the platform.
-
Once you have your formerly hacked account back, contain the damage by changing your password and turning MFA on.
Look up recent activity on your profile page and in the accounts settings:
- Delete anything posted or sent by the hacker after taking a record.
- See if privacy or security settings were changed and adjust them to your comfort level.
- Check to see what devices have logged into the account and make a record of anything suspicious.
Take records of everything through screenshots. You can send this evidence to the social media platform or if you talk to law enforcement about it.
Let your audience know you were hacked, even if it is embarrassing. People understand, and it is the best way to staunch any reputational damage the hacker did to you. Let them know they should be suspicious of any weird messages or odd posts coming from your profile.
Finally, review any personal data that was stored in the social media account, like credit card numbers or private DM communications. That data was compromised, and you might want to take further steps, like contacting your credit card issuer to cancel your card.
Originally published as part of the 2024 Cyber Survival Guide by The National Cybersecurity Alliance.
