Security

Instagram hacked? Here’s how to recover and secure your account

Jacob Fox

May 10, 20248 min read

Instagram hacked? Here's how to recover and secure your account: Header image

Despite being one of the world’s most popular social networks, Instagram isn’t immune to hackers. Whether they’re cracking passwords or phishing for your data, Instagram hackers are out there. Fortunately, there are ways to know whether your account’s been compromised. And if it has, there are ways to recover it. To learn how, read on.

How to know if someone hacked your Instagram account

While it might not be possible to know with 100% certainty whether someone’s hacked your Instagram account, there are some telltale signs.

Here are some common signs that your Instagram’s been hacked:

  • You can’t log in: If you can’t log in to your Instagram account and you’re sure you’re getting your login information correct, this might be a sign that your account’s been compromised.
  • Unusual activity: If a hacker has gained access to your account, they might start using it while you’re still logged in. If this happens, you’ll probably notice some unusual activity. This could include DMs you didn’t send, likes you didn’t like, or follows you didn’t follow.
  • Login or password reset attempts: Keep an eye on your email inbox. If someone’s hacked your Instagram account, they might have previously unsuccessfully tried to log in or reset your password. If they have, you should’ve received an email from Instagram letting you know about it.

What happens if your Instagram gets hacked?

If your Instagram gets hacked and you don’t take action, your account could be used for any number of purposes, some more troublesome than others. Here’s what might happen:

  1. Locked out: If you’ve been hacked on Instagram, the first thing that will probably happen is you’ll get locked out of your account. The hacker won’t want you in the account to potentially boot them out. Accordingly, the first thing they’ll do is change your password.
  2. Changed email: If they can, the hacker might try to change the email address your Instagram account is associated with to one of their own. This way, you’ll be unable to easily reset your password to boot the hacker out via an email link.
  3. Scamming in your name: Once the hacker has access to your account and has fully locked you out, they might start messaging people you know, pretending to be you. They might ask for money, hoping your contacts will transfer it because they assume it’s going to you. Or, they might send people shady links in the hopes that they’ll download malicious software.
  4. Propaganda in your name: Though less likely than straight-up scamming, a hacker might sell your account to someone who uses it to spread political or social propaganda.
  5. Ransom: In rare cases, a hacker might attempt to ransom your account by telling you that they’ll restore access if you pay them. An attacker might do this, for example, if you have lots of personal information stored on your account, such as confidential DMs. They might suspect that you’ll be more likely to pay to get your account back than risk this information being leaked.

How can Instagram hackers get into your account?

There are many ways hackers can attempt to gain access to accounts, some of which are simple and some of which are more complicated. Here are some of the most common ways Instagram hackers get into accounts.

Phishing

By far the most common way for a hacker to get into an Instagram account, a phishing attack is an attempt to trick a victim into giving away their information or downloading and installing malware. Phishing attacks usually occur when an attacker pretends to be an official website or someone you trust. They then try to get you to share your login information.

Password cracking

Password cracking is the attempt to use different techniques to correctly guess a person’s password. For instance, brute force software might quickly try many password combinations to log in to your account, continuing until it guesses the correct one and gains access. Thankfully, password cracking usually only works on weak passwords.

Malware

Malware, short for malicious software, refers to any software that’s designed to do nefarious things. For instance, it might log all your keystrokes and send this information back to the attacker who put the malware on your system. If malware has somehow gotten onto your system, it could record your Instagram account’s password when you type it and send it back to the hacker.

Physical interception

This method is often overlooked, but alongside phishing, it’s one of the most common causes of hacked Instagram accounts. Most people use Instagram on their smartphones, but not everyone pays complete attention to their phone at all times. All you need to do is leave your phone unattended and unlocked for a minute. An attacker can take that opportunity to go in and steal your login information or change your password.

How to recover a hacked Instagram account

If your Instagram account has been hacked and you can’t log in, don’t panic. Here are some steps you can take to restore access.

1. Use Instagram’s warning email (if they sent one)

If someone has tried to change your email address and Instagram has sent you an email from its [email protected] address to let you know, you might be in luck. The email should give you the option to reset your password and recover your hacked Instagram account, as long as the attacker hasn’t changed your password, too.

Here’s what to do next:

  1. Open the email from [email protected].
  2. Click “Secure your account.”
  3. Click “No, secure my account.”
  4. Enter a new password and confirm it.
  5. Click “Next” to reset your password and log in.

2. Reset your password

If you’ve been locked out of your account and haven’t received a warning email, you should still be able to reset your password via the log-in page.

Here’s how to reset your Instagram password:

  1. Open the Instagram app or navigate to the Instagram login page.
  2. If you’re on desktop, click “Forgotten your password?”
  3. Select “Get help logging in.”
  4. Enter your Instagram email address, phone number, or username and hit “Next.”
  5. Choose to receive the link via email or text.
  6. When you’ve received the email or text, click the login link provided and reset your password.

3. Verify your identity

If you think your Instagram account is hacked and resetting your password doesn’t fix it, you can report the problem to Instagram and verify your identity to try and restore access. This should work even if your Instagram account has been hacked and your email and phone number have been changed.

Here’s how to verify your identity on Instagram:

  1. In an internet browser, go to https://www.instagram.com/hacked/.
  2. Select “My account was hacked” and then press “Next.”
  3. Enter your Instagram email address, phone number, or username and press “Next.”
  4. Follow Instagram’s directions on how to verify your identity and restore access to your account.

Frequently asked questions about recovering an Instagram account

How soon can you regain access to your Instagram account?

If you can restore access by resetting your password, you should be able to regain access right away. Otherwise, it will take as long as Instagram takes to run through identity verification with you.

Can you find out who hacked your Instagram?

There’s no official way to find out who hacked your Instagram. However, when you recover your account, you can navigate to Settings > Security > Login activity and see which device was logged into your account, as well as when and where.

What are the chances of your Instagram getting hacked?

The chances of your Instagram getting hacked are very slim, provided that you practice good security. If you don’t practice good security, you could be leaving yourself vulnerable to being hacked.

How long does it take for your Instagram account to be hacked?

This depends on how secure your account is and what method the hacker is using.

How to report a hacked Instagram account

Unfortunately, there is no straightforward, official way to report to Instagram that your account has been hacked. However, you can try reporting a hacked profile for another reason.

Here’s how:

  1. Open Instagram.
  2. Navigate to the hacked profile.
  3. Tap the three dots.
  4. Select “Report.”
  5. Choose “It’s inappropriate.”
  6. Select “Something else” and follow the on-screen instructions. Report the account for impersonation.

How to secure your Instagram account against hacking

If you want to prevent your Instagram account from being hacked, there are several things you can do to make account compromises less likely.

1. Change your password

If you’ve used the same password for your Instagram account for a long time and you’re worried about being hacked, the first step is to change your password.

To change your password, open Instagram, click More in the bottom left, then go to Settings > Accounts Center > Password and security > Change password and follow the prompts.

If you think your Instagram account is vulnerable to being hacked, you should change your password quickly. You can always change it to a stronger password later.

2. Use a strong, unique password

If you don’t need to change your password right away, you can spend a little longer coming up with a strong, unique password for your account. Strong (i.e., long) passwords are much harder to crack, and using a unique password means that if any passwords for other accounts are compromised, your Instagram account, at least, should remain safe.

3. Set up 2-factor authentication (2FA)

After setting a strong password, the best thing you can do to improve your Instagram account’s security is to set up 2-factor authentication.

To do this, click More in the bottom left, then go to Settings > Accounts Center > Password and security > Two-factor authentication and either link your Instagram account to an authenticator app or opt in to receive an SMS for 2-factor authentication.

4. Don’t leave your devices unattended

It can be easy to forget that the real world can pose as great a threat to your online accounts as the digital world. To prevent real-world compromises, ensure that you never leave your device unattended, especially when it’s unlocked.

5. Regularly scan your devices

Because malware is one of the methods hackers can use to compromise Instagram accounts, it’s crucial that you keep your devices squeaky clean. Fortunately, this isn’t too difficult. You can use software that does it all for you.

If you use a Mac, for example, you can use the Smart Care feature in CleanMyMac to run a few processes in the background to clean up your device and keep it protected. Crucially, this includes the Protection tool powered by Moonlock Engine, which is designed to ensure that your device stays clear of harmful software.

Instagram, like any online-connected application, is vulnerable to being hacked. But thankfully, there’s plenty you can do to keep your account safe, including using a strong, unique password and enabling 2FA.

If your Instagram account’s already been compromised, there’s plenty you can do to restore access and secure it again. Even if your Instagram is hacked and your email is changed, you can try to restore access by verifying your identity.

This is an independent publication, and it has not been authorized, sponsored, or otherwise approved by Meta Platforms, Inc. Instagram is a trademark of Meta Platforms, Inc.

Jacob Fox Jacob Fox
In addition to being an academic, Jacob is a lifelong technology expert and cybersecurity writer who has helped his readers understand information security for almost five years. He has written for TechRadar, PCGamer, and other online technology publications.