These days, social media has become one of the most powerful tools to market your products and services. You can reach people easily and it doesn’t cost you a lot.
But what happens when you wake up one day and realize that the account you’ve painstakingly grown to thousands (or probably more) has been hijacked by people who’ve got nothing better to do in their lives?
In a flash, you lose your followers, your photos, your videos and the worst part? They will have access to everything inside your account including your DM and personal info.
And you know what sucks the most? Instagram is not going to be helpful when it comes to recovering your account and it’ll feel like they don’t care about you at all.
But before you cry in a corner and sulk about what happened to you and how it happened, there’s still HOPE. And I’m going to break it all down for you in this post.
I’ll tell you everything you need to know in 3 parts—how it happened, how to recover your account and what to do to keep kick your hacker out and keep your account safe.
Now, I want you to know that I’m not new to hacking and we’ve been really careful given my background in IT Security. I never imagined I’d fall victim to this rather simplistic tactic and yet I did. So yes, anyone can be vulnerable.
How It Happened
I woke up with a terrible headache (I didn’t know then it was caused by a pinched nerve on my neck). I was sitting at the dining table massaging my temple when I got a notification from Instagram. It was from someone I know and it says:
Now, I knew for a fact that I have no way to verify whether she was really saying the truth and when I read it first, I already knew I wanted to tell her – “Sorry, but I don’t have any means to verify whether your claim is real or not” and ignore her request.
But the other side of my brain remembered that Facebook once had a feature where you need to ask 3 friends to verify your account for you when you’re locked out. This was what I remembered last.
And before I knew it I was already responding to the hacker.
As you can see, I even asked where it will be sent. Remember, I was under the impression that I’m talking to someone I know.
After this message, I received a text on my phone and the hacker even reminded me to “PLS DON’T CLICK THE LINK.”
That was my biggest mistake.
Because the hacker was already making an attempt to renew my password using my phone number and I was the one who gave them the verification link.
I GAVE IT TO THEM.
Thankfully, I was using Instagram at that moment and 2 seconds later, I got logged out.
That alone made me jump out of my seat, rushed to my husband and said, “I WAS HACKED! MY INSTAGRAM WAS HACKED!”
We both rushed to the studio.
Kris said, “You change your Facebook password quick. Paypal and anything finance related. I’ll take care of Kajabi, and all the software we use for the business.”
So, I went to Facebook and quickly change my password before they even got to it.
By the time I was there, there was already an attempt to change my Facebook password. Thankfully, I was faster.
Nothing else was taken except my Instagram.
I cannot log back in. I can’t do anything.
Then, they made the account private.
The hackers have successfully taken my account hostage.
After changing all our passwords, we made an announcement on Facebook and my email list that my account was hacked and to NOT ENTERTAIN any request to help me recover my account.
How To Recover Your Hacked Instagram Account
The recovery part was tricky because there’s no real help posted anywhere on Instagram.
I found help on YouTube but some of them were outdated and here’s where it becomes even more painful—on every single attempt I made to recover my account, the system changes and it’ll be difficult to find what you truly need.
So even if you’re reading this, the platform might’ve changed where it is but at least you’ll know “what to find” because this is the ONLY thing you’ll ever need for Instagram to verify that the account was yours.
BUT REMEMBER: When my account was hacked, the hackers DID NOT change my phone number and email address so I was still able to do the steps mentioned below. If yours was change, you might need a different approach.
Here’s my step-by-step process to recovering your account:
Step 1: Open the Instagram App
Step 2: Select Add an Account then click on Log In to Existing Account
Step 3: Select Forgotten Password
Step 4: Select Phone and then enter your country code and phone number
You will receive a text message with a 6-digit code. Enter that 6-digit code on your mobile. At first, I thought OK I got it. It’s easy. But then, I was prompted with another issue.
Apparently, the hackers have changed my two-factor authentication using a 3rd party app and they have the backup code to recover my account.
Instagram will need the backup code to get into your account. That’s when things get a bit trickier and I had to try something else.
Step 5: Click Try Another Way
Step 6: THIS IS THE MOST IMPORTANT PART OF THIS PROCESS. This is the ONLY THING you need to get into when your account is hacked. You need to figure out where to find the GET SUPPORT link and click that.
Step 7: Select “YES, I have a photo of myself in my account” EVEN IF YOU DON’T HAVE A PHOTO OF YOURSELF IN YOUR ACCOUNT. Why? Because the app will force you back into step one. You need to proceed to the next step. Click Next.
Step 8: Enter your email address. Then hit SUBMIT.
Instagram will use this email to get a code for the next step and to contact you about the status of your request so make sure to put an email address that you frequently check.
PRO TIP: For safety purposes, we don’t use our business emails on social media logins. We always have a separate yahoo or gmail account so whatever happens, we know that our business emails are not compromised.
Step 9: Enter the 6-digit code that you received in your email.
Step 10: You will be required to TAKE A VIDEO SELFIE – looking front, side left, side right, up. You have to follow this instruction carefully because THERE IS NO RETAKE.
PRO TIP: Prepare yourself because the instructions are automatic once you click NEXT. If you’ve been using a lot of filters on your photos and videos, I highly recommend at least putting on some make-up when you do the video selfie. My successful attempt was the one where I had makeup.
Once you’ve submitted the video selfie, you will receive an email from Instagram about your request. In some cases, they’ll say you’ll wait 1 day before you get a response. In my case, because I’m outside the US, I received an email that says to wait 3-4 days.
I received an email from Instagram after 3 days. Unfortunately, my first attempt wasn’t verified and I was given some crappy instructions about recovering and protecting my account. None of which were helpful.
My second attempt was a total fail. I never even got an email from them.
I almost gave up and my husband even told me to forget about it and to start over but that nagging feeling that I’ll lose all the videos of my son when we celebrated his first steps and the pain of knowing they are using my account to hack someone else is something I cannot take.
I tried another attempt. This time, I put on some make-up because I use filters often on stories and on my Reels I use make-up I thought that might help.
I never even bothered checking the email until the following day. To my surprise, they verified my account and confirmed it was MINE – 1 hour after I submitted my video selfie!
Claim Your Account Back and How To Protect It
The email subject says: Your Information is Confirmed contained all the instructions for me to follow and a new backup code to use to recover my account completely.
Here’s how it looks like:
From here onwards, you’ll need to be quick because your hacker could still be accessing your account and they might block any attempt you make to claim it.
Also, make sure to open this email on your desktop or laptop because you’ll need to be on your Instagram app throughout this process, you don’t want to leave the app to check your email on your mobile.
Step 1: Follow the instructions sent to your email.
Step 2: Once you’ve successfully claimed your account back, change your password immediately.
Step 3: When you’re done changing your password, go to Settings>Security>Two-Factor Authentication. DISABLE THE AUTHENTICATION APP so your hacker can’t use it anymore.
Step 4: Go to Settings>Account>Personal Information and make sure to put your email (if the hackers changed it) and ensure your details are correct including your phone number.
Step 5: Go to Settings>Security>Two-Factor Authentication and ENABLE Two-Factor Authentication on your MOBILE PHONE.
Step 6: Check your Inbox, UNSEND all the hacker messages sent to your contacts. I guarantee you they attempted to hack so many of those you have communicated with in the days prior to your account getting hacked. Delete those messages.
Step 7: Then go to: https://accountscenter.instagram.com/profiles/ and check if there are any weird accounts connected under your profile. Delete those. Mine didn’t have any so it was safe.
Lessons Learned From This Experience:
- Don’t entertain password recovery assistance requests – EVEN FROM SOMEONE YOU KNOW. I learned that Facebook also removed this feature to ask your friends to verify your account for you.
- When you suspect your account was hacked, CHANGE ALL YOUR PASSWORDS first. Most people go on social media to announce they were hacked. We did this AFTER we’ve already changed all our passwords.
- Inform your Followers and Friends when you’re hacked. There’s nothing to be ashamed of it. It could happen to anyone. Even to someone like me who’s supposed to “know it better.”
- Try as MANY TIMES as you can to send a video selfie until you get the response you want from Instagram. It is a system-generated verification (I suspect) but you’ll never know when a real human might be checking.
- If you’re someone who doesn’t like being SEEN on Instagram, I highly recommend you post at least a photo of yourself from time to time so the system has a way to verify your account faster.
I hope this was helpful.
If you have any questions, let me know in the comments below and if you know someone whose account might’ve been hacked, send this blog post to them and let’s help them recover their accounts.