kontakt
PL EN

How to Recover a Hacked Social Media Account?

Introduction

A hacker has gained access to your social media account. Worse, they might have started sending messages to your friends, soliciting money, or posting content that could harm you. What should you do in such a situation? How can you protect yourself from such attacks in the future? Here are some tips to help you in this scenario.

What to Do? How to Proceed?
Stay Calm and Don’t Panic

Avoid self-blame: Time cannot be reversed. If you feel partly responsible because your password was the same everywhere and easy to guess, you’re right—it’s an area to improve upon.

Prepare for potential uncomfortable conversations: Be ready to explain the situation to those who might have been harmed and have grievances. Act to prevent further damage: Focus on limiting further harm and addressing the issue.

Execute the Following Checklist

Block the malicious actor: Ensure you stop the hacker from causing more damage. Notify potential victims: Inform those who might have been targeted by the hacker. Report to authorities and IT departments: Alert relevant services and your IT department about the incident.

Seek cybersecurity help: Regardless of the time, try to get assistance from cybersecurity firms. We know from experience that professionals in this field often work beyond regular hours.

Ensure Everyone Knows the Hacker is the Culprit

Avoid material or legal liability: Ensure that people know you are not responsible for the hacker’s actions. Victims might assume the hacker doesn’t exist and that you are the one defrauding them.

Document the incident: Report the potential crime officially, even if the perpetrator remains unidentified.

Don’t Make it Easy for Hackers

Utilize available security measures: Social media platforms work hard to provide secure technologies and protections. Use all the security features they offer.
Be proactive: Since everyone is eventually a target of hackers. aim to minimize the damage to the least possible.

Daily Data Breach Awareness - Stay informed: Millions of records from various service providers are exposed daily. While you can’t control this, don’t make it easier for hackers where you can act.

CHECKLIST
1. Block and Remove the Hacker
We need to get rid of the pest and stop them from causing further damage.
If you still have access to the social media account
Log into the social media platform.
  • Change your password
  • Enable multi-factor authentication (MFA or 2FA)
  • Check the list of recent logins and take screenshots for evidence
If you cannot edit the account
Sometimes platforms like Facebook, LinkedIn, or TikTok detect unusual logins and restrict actions. In such cases, you may not be able to change your password or enable 2FA.
  • Use an incognito browser window
  • Access the portal
  • Select the password recovery option
If you don’t have access to the social media account or email
This is the most challenging scenario.
If you can’t recover your password (e.g., you don’t have access to email), and you can’t log in (the hacker changed the password or you don’t have access to the 2FA authenticator), ask as many friends as possible to report the hacked account and request its suspension. If there's no option for a hacked account in the reporting form, choose "offensive content." A high number of reports in a short time might trigger an automatic block, giving you time to start the recovery process.
Secure Your Email
If you have access to your email provider's portal, log in and ensure the hacker doesn’t have or won’t get access to your email account. After logging in:
  • Change your password
  • Enable multi-factor authentication (MFA or 2FA)
  • Check the list of recent logins and take screenshots
2. Report the Incident
Social Media Post
“My account on [social media platform] has been compromised. Please ignore any messages and interactions you received from my account in the past few days. The situation is under control, and the matter will be reported to the appropriate authorities.”
Notify Potential Victims
Send the above message to potential victims via available social media communicators.
IT Notification
If the incident involves a work email or account linked to your company, report the incident to your IT department.
3. Within 2 Hours of the Incident
Change Passwords
Change passwords across all social media platforms and service providers (e.g., Google, Microsoft, WP, Onet, Interia). Enable 2FA wherever possible.
4. Within 24 Hours of the Incident
Report to the Police
It might seem like overreacting, but remember the potential consequences of the attack. Victims might view the hacker's message as an "excuse" and seek compensation from you.
Seek Cybersecurity Specialist Assistance:
Specialists should check for other potentially compromised accounts you might not be aware of.
5. Continuous Audit (Audit as a Service)
Identity Monitoring Tools 24/7
Consider tools that monitor the status of your social media accounts, passwords, and email accounts, checking if they have become part of a breach. Inveo clients benefit from such monitoring through our h OnSecure platform.

Strona korzysta z plików cookie w celu realizacji usług zgodnie z Polityką Prywatności. Możesz samodzielnie określić warunki przechowywania lub dostępu plików cookie w Twojej przeglądarce.