Was your Instagram account hacked and deleted?
On Christmas Eve, Russian hackers launched a spree of hacking Instagram accounts with substantial following in an attempt to blackmail them for money or lose their Instagram accounts and years of hard work forever! How do I know this? I too was targeted by these hackers and saw many of my friends’ accounts disappear overnight. I saw one Instagram account hacked and deleted after another. I was lucky to have kept my account because I had it protected so I wanted to let you all know how to protect your Instagram account from hackers and what to do if your Instagram account was hacked and deleted and how to recover it if the worst does happen.
I have seen the entire Instagram community pull together to help those affected and share their resources so I will share what I learned and from whom in this blog and also share the steps that I had already been using to luckily prevent this from happening to me.
How I almost got hacked
On Christmas Eve I received an email titled “Offer of collaboration with @ Realisationpar”
It was Christmas Eve, not only was I in full on holiday mode, I was busy and distracted trying to pack up the car with presents and pack for the few days that I would be staying in my Dad’s house for Christmas. Instinctively the first thing I did was to check the instagram page of Realisationpar. It looked like a legitimate Instagram account. It had a following of 439k and many, many fashion posts. It did dawn on me that I was not your typical fashion girl or model!! So I did wonder why this company approached me. However, I do get many collaboration requests daily, most of which I turn down becuase I don’t “feel” the product, it is not the right fit for me or something that I want to promote to my following.
I honestly only choose to work with and promote brands that I honestly use or buy myself and 100% love. I do however give each email attention. If someone took the time to reach out to me I always take the time to check out their offer and reply even if it is not for me. Judging by the size of those teeny tiny clothes I expected that this would be one of those cases so I politely replied and thanked them for getting in touch and sent them an email with my rates and media kit attached.
How to protect your Instagram account from being hacked
There were a few things that I should have picked up on but didn’t initally. Notice the space between @ and Realisationpar. The typos which are clearly obvious ” in the Instagram”. The lack of branding photographs or any branding signature at the bottom of the email.
What I did wrong:
- I didn’t click on the email sender to expand the email address. In this case it was firstname.lastname@example.org which didn’t match the sender name and should have alerted me that there was something fishy
- I didn’t pay attention to the fact that there were no branding photographs or signature at the bottom
- I didn’t pay attention to the unprofessional typo’s which do not in themselves indicate a hacker, come on we all make typo’s, but it should alert you enough to be aware.
The hackers took advantage of the fact that is was Christmas, that people would be distracted and that guards were down.
What I did right:
- I immediately checked the instagram page of the clothing company. However the hackers had picked a legitimate site so this didn’t ring any alarm bells.
- Most importantly I DID NOT CLICK THE LINK.
I immediately received a reply email. This time I was in my Dad’s house. There was a lot of activity and I was super distracted. The next email should have alerted me more. There were more typos, some Russian writing and an insistance that I click the link to see the item they wanted me to promote.
My Instagram account was hacked
And guess what guys I clicked the link! I stupidly clicked the link!! The link appeared broken. It didn’t take me straight to the Instagram page I was expecting, I was already logged on Instagram on my phone so it should have taken me straight there. Instead it brought me to the Instagram log on page to enter my password. I went back and clicked the link again!! (I did say I was super distracted ). Again it brought me to an Instagram log in page and I did what you should not do, I entered my Instagram log in details.
Immediately it kicked me out of my gmail account and logged me out. All of the alarm bells were now going off in my head. The ones that should have been going off 5 minutes before when I was in full on Christmas mode.
I panicked! I grabbed my husband’s phone. He has my instagram logged on his phone too and I immediately changed all of my passwords. This happened in seconds. I also had two factor authentication turned on so this may have bought me the extra seconds I needed. I waited and waited expecting my account to be deleted but nothing. By the luck of the Irish I had narrowly missed out on having my account taken over by Russian hackers with blackmail requests for large sums of money to even get a sniff of getting it back.
Someone hacked my Instagram account
And then I painfully watched accounts belonging to many of my Instagram friends disappear, accounts like @thehopefulhitchhikers and @flipflopwanderers. On Christmas frickin Eve! Everyone was in a panic. Those who had not been affected were trying to reach out and share the new accounts of those that had lost years of work not to mention their livelihood in some cases. One account that went above and beyond to help those affected was @agirlwhoblooms.
The story of @flipflopwanderers really struck a cord. They had built their following to 52k and had just celebrated reaching 50k followers a few days before. They were on a high, it was Christmas Eve and whilst they were cautious like me, their guard was most definitely down. They were understandably devasted as I would have been and following their emotional stories on the new Instagram account that they had made was just heartbreaking. Some people might be unsympathethic. So what? It looks like you have it all anyway, jetsetting around the world, getting free products or trips from tourist boards and free accomodation in fancy hotels.
I can understand that! But that is only how things look superficially. In reality there is a lot of hard work that goes into keeping and maintaining a successful Instagram account. Hours creating content, editing photos, searching for new and interesting places to bring to the attention of your followers, responding to messages and engaging with your followers.
While I personally find all of this enjoyable there is no denying the amount of time and creative investment you have to sacrifice to Instagram. That is why the rewards make you feel valued and why it would be just heartbreaking to lose it all. Anyway, rant over, either you understand the work that goes into creating an Instagram account or you simply don’t and think along the lines of “it’s just inflencers trying to get stuff for free”. Trust me! Nothing in this life comes for free.
So @flipflopwanderers got sucked in the same way I did. They received a very similar email to mine except from a clothing company @ Shopdressup (again notice the space after @). They did the same as me. Checked Instagram first, it was a legitimate clothing company so they clicked the link. Again the link brought them to an Instagram log in page but they didn’t think anything of it and put in their Instagram log in details thinking that it was a legitimate collaboration request like they too get every day. Shortly after this they got an email informing them that their Instagram had been blocked and to unlock it they had to send $215 in bitcoin to the hackers or risk having their account deleted forever.
They thought it was a joke and in the next three hours went through every emotion possible as they tried to rescue their account. In the end they decided they couldn’t risk it and paid the hackers. This is an ordeal in itself because how many of us casually have bitcoin accounts? The hackers still did not give their account back despite saying they would 5 minutes after payment had been received.
Does Instagram help if your account gets hacked?
Short answer. No. You can email and email to your heart’s content but if you get any response at all it will more than likely be an automated email. We all know that this is one situation where you need to be taken seriously and need that human connection so you can explain your situation in the hopes that the Instagram powers that be can help you. If you are lucky enough to get some sort of response (after like 2,000 emails on your part) more than likely any recovery email links they send you will be to the email address the hackers changed it to. Like Duh!
Come on Instagram! You need to be doing more to secure our accounts, especially when people’s livelihoods depend on this. And if you can’t sufficiently secure our accounts you need to have a satisfactory customer support system that users can reach out to in these serious situations. Even turning on two factor authentication, as Instagram suggests, doesn’t completely secure your account because the hackers can intercept your text message to get your “secure” code. It is worth turning it on though to give you those few extra seconds if you realise that you have been hacked immediately.
How to protect your Instagram account from being hacked.
So how do you protect your Instagram account from being hacked? It is so important to secure your account and don’t put it off. DO IT NOW! Also please pin and share this blog in the hopes that it helps somebody else.
- Pick a password that is harder to hack. Make sure your password contains a mix of letters, capital letters, numbers and symbols. DO NOT use the same passwords on all of your accounts such as Facebook and email. You may even want to use a password manager to keep track off and manage your passwords.
- Download the Google Authenticator App. This App creates random codes for the two factor authentication and is more secure than text message two factor authentication that can be intercepted by hackers. I also use this app for other websites that I want to secure. This is a more robust way of securing your account.
- Open your Google account security page and click on 2-step verification.
- Under the Authenticator App section, click “Setup”
- Next choose your device type (Android, iPhone) and click next to reveal a QR code.
- Open your Authenticator App and select “Begin Setup”.
- Select “Scan a barcode” and scan the QR that is open on your browser.
- Click the next button and type in the code you see on your mobile into the text box and click verify.
- You are now set up.
- Go to your account settings on Instagram and turn on your two factor authentication.
- Switch on the toggle for third party Authenticator Apps
- Make sure your email account is secure. Your email is a bit like a gateway to all of your online accounts so your primary concern must be to secure this.
- Any emails you receive must be carefully considered. Always check the email address of the sender. If anything seems odd, as in my case the email address had a very different name to the sender, or there are obvious typos like email@example.com please be extra vigilant.
- Most important of all. NEVER, EVER, EVER, click any link in an email even if it looks legit. Search the account in google instead or retype the link. Hovering over the link will also show you where it is actually linked to.
- The link should be a URL starting with https:// which means it is a secure link but if you notice the link I was given started like this.
- Be wary of extra words or information at the end of the link and get used to what normal links look like. For example https://www.instagram.com/p/BrgpHiFi is probably a real link whereas
https://www.instagram.com/p/BrgpHiFi/by=realisationpar is not. Notice those extra words at the end.
- Here you will find a list of apps that you’ve authorized to access your profile and account information. If you notice anything strange, you can easily click revoke third-party app access by clicking Revoke Access button.
How to recover a hacked Instagram account
If the worst happens and you do get hacked, try not to panic. If your Instagram account was hacked and deleted, the faster you act, the more likely you will be able to recover your account. As I later found out, all deleted data gets erased from the Instagram system after two weeks and can’t be recovered after so it is important to act fast.
If there are any major changes made to your Instagram account an automatic email will be sent to the email address that you registered when you set up your Instagram account. Immediately after you realise that you are hacked the first thing you should do is go to that email and see if there is an option to “Change Your Password” or “Revert This Change”. You may get lucky and if the hacker was slow in changing your Login information, you may be able to gain back access or at least lock the hacker out by clicking this button.
In the majority of the cases however the hackers will have already changed your username, password and email but it is always worth trying.
You should change all remaining passwords while you can to protect linked accounts like Pinterest or Facebook. Immediately protect your blog. Even though you might be tempted to try to secure your Instagram name as it will now be free DO NOT set up a new account with your old account name. As @flipflopwanderers found out the hard way it makes the possibility of retrieving your account very difficult. There are mixed reports about whether to pay the hackers or not. I know some have been “lucky” and got their accounts back shortly after paying and others who say the hackers kept asking for more and more money and their account was deleted anyway.
Report the hack to Instagram
The official way to report a hack to Instagram is through their Request Support system found under the Log In screen.
It’s a short form that can be filled out within a few minutes asking a few basic questions like the email that you used to create your account, contact info, the issue etc.
I don’t know why Instagram don’t make this process easier because there is some difficulty in finding this form in the first place. At a time when you are at your most anxious and you are probably in full on panic mode, I really feel like Instagram could again make this process so much easier. To get to the form you have to log out of all Instagram accounts that you are currently using and in the Login screen click “Forgot Password?”.
In the next screen type in the username of the account that was hacked. Then click “Need more help?” and a form called “Request Support” should pop up. Once you get to the “Request Support” form, fill out all of the questions asked and click “Request Support” at the bottom of the page. This should kick off a general request to Instagram letting them know that your account was hacked. I have read reports that you can only do this on an iPhone (thank you Instagram!).
You should then receive an email from Instagram within a few hours with some other follow up questions but don’t get too excited it is a generic email. In fact you will have to go through a few emails sent from the Instagram bots before you ever get to speak with a real person, so that is why it is important to start the process ASAP after getting hacked to make sure that you stay witin the 2 week time frame.
**Top Tip: Did you know that you can download your Instagram data. You will get a copy of what you have shared on Instagram (including all photographs and captions) emailed to you. I do this weekly as a backup for my account. Go to settings on Instagram, click on settings and then Download Data**
To pass the Instagram bots scanning your responses, make sure to keep your answers concise and to the point. If you pass, you will receive another email asking for a photo of yourself holding up a unique code and your Instagram handle name. Once you send that in, Instagram claims that a real person reviews this image and compares it to the images on your account. If the image you submitted matches the images on your account and the Instagram team can verify that it’s really you, you will shortly get an email from Instagram with access to your account.
What to do if all else fails!
Through word of mouth from people like @agirlwhoblooms and @flipflopwanderers one person seems to be coming to the aid of those that have lost their accounts. He works on a donation basis and will require access to your email account which I’m sure will go against every instinct after having just been hacked. But this guy is one of the good guys. His name is @JuanR325 and you can check out a YouTube testimonal to him by @jessthedragonesss
I have no idea how he does it but he seems to have helped all of those affected restore their accounts. This latest spree of hacking on Christmas Eve should teach us all a very valuable lesson in how vulnerable our Instagram accounts really are and how we must do our best NOW, TODAY to secure our accounts. Hopefully this comprehensive guide in how to protect your Instagram account from being hacked will help you to protect your account. Be sure to spread the word by pinning and sharing so that others don’t get caught out the same way.
Are you new here? Join thousands of other happy readers and subscribe to All about RosaLilla blog via email or Bloglovin’. The good news is that by signing up via email you will get my EXACT email template that I use to successfully pitch hotels for collaborations so that we can work together for mutual benefit.
I also share everything about myself on Instagram with nothing held back so be sure to follow along there.
If you liked this you may also like:
Until next time you crazy kids!