- The Identity Theft Resource Center (ITRC) has received four times the number of inquiries regarding hacked Instagram accounts in September than in a typical month.
- The ITRC believes scammers are impersonating people their victims know and getting their sensitive information. Criminals could also be using data from past breaches to hack and spoof accounts.
- To avoid having your Instagram account hacked, use a strong and unique passphrase that you never share with anyone. Also, use two-factor authentication on your account, make sure the email associated with your account is secure, and do not allow access to third-party apps.
- If your Instagram account has already been hacked, follow the steps in Instagram’s Help Center to recover your account.
- To learn more about hacked Instagram accounts and what you can do to say safe, contact the ITRC by phone (888.400.5530) or live-chat. Just visit www.idtheftcenter.org to get started.
Hacked Instagram accounts and scams on Instagram have been around for a while. However, the Identity Theft Resource Center (ITRC) is seeing a significant rise in victim inquiries about hacked Instagram accounts. In fact, the ITRC has recently received four times the number of cases on this topic as we do in a typical month.
What is Happening?
The ITRC believes scammers are impersonating people their victims know and getting their personally identifiable information (PII). Some victims are finding out that they are locked out of their Instagram account and that scammers are posting things in hopes of scamming other people.
Some victims have reported that they did not give their information out to a scammer and that they still had a hacked Instagram account or suffered an account takeover. While it appears people are being targeted in multiple ways to get login information, their account information may also have been accessed using information from breaches that include Facebook login information, particularly if the username and password were never updated.
The ITRC has also seen victims’ Instagram accounts spoofed using the victim’s public pictures. Cybercriminals then follow the same people the victim follows and sends them messages with a scam or malicious link. The increase in hacked Instagram account cases is no surprise. According to Digital Shadows, the cost of a hacked Instagram account on the dark web is $45. For context, the price for a Social Security number on the dark web is only $2.
What You Can Do to Avoid a Hacked Instagram account
While the demand for hacked Instagram accounts is high, there are things you can do to protect yourself.
- Never share your password or any personal information with anyone else. Right now, scammers are playing on people’s emotions and building trust with their victims, so much trust that some people are turning over their PII. While scammers can be persuasive, passwords, PINS, codes or any other type of sensitive information should never be shared with anyone.
- Make sure your password is strong. Use a 12+ character unique passphrase because it makes it more difficult for hackers to crack your account. Also, passphrases are easier for you to remember.
- Use two-factor authentication (2FA) on your account. 2FA gives you an added layer of security, making it harder for criminals to hack your Instagram account. To use 2FA on Instagram, go to “Settings,” “Security,” and tap “Two-Factor Authentication.” Tap “Get Started” and select either “Authentication App” or “Text Message.” The ITRC recommends you use an authentication app because text messages can be spoofed.
- Make sure the email associated with the account is secure. A secure email account is an account that has security enhancements to offer more protection. If it is not secure, it could make it a lot easier for hackers to access your account and any other accounts associated with that email. It is also a good idea to secure your email with 2FA.
- Don’t download third-party apps within a social media platform. If third-party apps have your information, you may not know where it is being stored or how it is being stored. It is another place for hackers to get their hands on your valuable Instagram account credentials. Only download applications from the recognized application stores from Apple, Google, and Microsoft.
What to Do If You Have A Hacked Instagram Account
If you believe your Instagram account has been hacked, there are steps for you to take.
- Check your email account for a message from Instagram. If you received an email from firstname.lastname@example.org that says your email address was changed, you might be able to undo this change by selecting “revert this change” in that message. If additional information was also changed (like your password), and you’re unable to change back your email address, request a login link or security code from Instagram.
- Request a login link from Instagram. To help Instagram confirm that you own the account, you can request that they send a login link to your email address or phone number. To request a login link:
- On the login screen, tap “Get help logging in” (Android) or “Forgot password” (iPhone).
- Enter the username, email address or phone number associated with your account, then tap “Next.” If you don’t know the username, email address or phone number associated with your account, tap “Need more help?” below the “Next” button and follow the on-screen instructions.
- Select either your email address or phone number, then tap “Send Login Link.”
- Click the login link in your email or a text message (SMS) and follow the on-screen instructions.
- Request a security code or support from Instagram. If you’re unable to recover your account with the login link sent to you, you may be able to request support for your hacked Instagram account. For more information on how to do this, visit Instagram’s Help Center for step-by-step instructions.
Contact the ITRC
To learn more about hacked Instagram accounts and what you can do to protect the information that a scammer may have access to, contact the ITRC. You can speak with an expert advisor toll-free by phone (888.400.5530) or live-chat on the company website. Just visit www.idtheftcenter.org to get started.