What to Do if Your Instagram Is Hacked

Chris Thompson

By Chris Thompson


Instagram is one of the most popular social media platforms on the planet, with over 1.4 billion users around the world. It can be a great way to share your photos with friends and followers, gain insight into the lives of your favorite celebrities and influencers, or simply pass some time.

However, Instagram accounts are also the most likely type of social media accounts to be hacked. In one study, the Identity Theft Resource Center found that of those who had experienced a social media account takeover, 85% had had their Instagram account compromised.

Once hackers have access to your account, they may use it to try to sell fake products, trick your followers into sending them money, or distribute malware, among other illegal activities.

Luckily, there are some steps you can take to secure your Instagram account. In this article, we’ll identify the warning signs of a hacked Instagram account, explain how to fix it, and how to prevent it from happening in the future.

Protect your phone from hackers

Download the award-winning Certo Mobile Security for FREE on iPhone or Android.

Signs That Your Instagram Account Has Been Hacked

If you think that your Instagram account may have been compromised, there are a few red flags that may help you to confirm your suspicions.

1. You get a password reset email that you didn’t request

If you get an unexpected email from [email protected] asking you to reset your Instagram password, chances are that someone is trying to access your account.

If you receive an email like this, you should log out of Instagram on all devices and reset your Instagram password immediately. You can also report the incident to Instagram by following the instructions in the email.

2. Your email address is reset without your permission

If a hacker successfully gains access to your Instagram account, they may change the email account associated with it to try to stop you from logging back in. If you receive an unexpected email from Instagram saying that your email address has been changed, it’s confirmation that your account has been hacked.

You may be able to undo the change by tapping Secure your account here in the email from Instagram but it’s likely that the hacker will have changed your password too, to block you from accessing your Instagram account.

Fig 1. Instagram email change alert

3. “Suspicious login attempt” alerts

If Instagram identifies a login to your account from an unusual location, it’s likely that a scammer is accessing your Instagram account.

You’ll receive a suspicious login attempt alert, and you’ll be asked to confirm whether it’s you. You can also check recent logins. Here’s how to do it:

  1. Open the Instagram app.
  2. Go to Profile > Settings > Security > Login Activity.
  3. If you discover any unfamiliar locations, tap This wasn’t me and Instagram will log out of your account on that device.

4. Friends receiving strange messages from your account

Hackers will often use your Instagram account to send messages to your friends and followers, pretending they are you. They might attempt to get your contacts to send them money or share personal details with them, which they can then use to hack their accounts, too.

If your friends or followers tell you that they have been receiving messages from you that seem suspicious or out of character, you should check your account activity and take steps to secure your Instagram account immediately.

5. Activity you don’t recognize

If you still have access to your account but you’re getting comments on posts that you don’t remember making, your Instagram account has probably been hacked. Look out for replies to comments that you didn’t write as well, since these signs suggest that you have a hacked account.

What Should I Do if My Instagram Account Has Been Hacked?

If you become aware that someone has hacked your Instagram account, there are steps you can take to secure it again. The action you can take depends on whether or not you can still access the account yourself.

If you can still log in to your Instagram account

If you are still able to log in to your account, check your emails for a message from [email protected] saying that someone tried to change your Instagram password or email address.

If you have received an email like this, log out of Instagram on all your devices and change your Instagram password to one that is strong and secure, and wouldn’t be easily guessed. You can also report the suspicious activity to Instagram by following the instructions in the email.

If you aren’t able to log in to your Instagram account

If you can’t log in to your Instagram account, you’ll need to follow these steps:

1. Request a login link

Instagram can send a unique link to your phone or email address to help verify your identity.

On Android: Open the Instagram app and tap Get help logging in.
On iPhone: Open the Instagram app and select Forgot password?

Note that this will not work if the hacker has changed the phone number and/or email address associated with your account. If this is the case, you’ll need to move on to the step below.

2. Request a security code

Instagram can send you a security code to try to fix the problem. The instructions are the same whether you are using an Android or an iPhone:

  1. Follow the steps above, then tap Need more help?
  2. Choose your preferred method of contact, then tap Send security code.
  3. If you don’t receive the code, tap I can’t access this email or phone number and follow the instructions.

3. Verify your identity with Instagram

Next you’ll need to prove to Instagram that you are the rightful account holder. If your Instagram account includes photos of you, Instagram will email you and request a video selfie of you turning your head in different directions so that they can verify your image.

If your Instagram account doesn’t have any photos of you, they will ask you for more information about your device and your personal details so that they can verify your identity. This process can take up to two working days, during which time you will not have access to your Instagram account.

Once Instagram has confirmed your identity, you will be sent a link to reset your password. If you fail the video selfie test, you may be asked to do it again. If you decide not to do a video selfie, you may not be able to regain access to your account.

Check your phone for threats

If your Instagram account has been compromised, it’s a sign that your phone may have been hacked. Hackers can easily install malicious software or third-party apps onto your phone, which can expose your personal data and help them to hack your social media accounts.

You can check your phone for threats by using Certo Mobile Security for iPhone or Android, a free app that helps you to protect your device against unauthorized access.

How Can I Secure My Instagram Account against Future Attacks?

Although we’ve explained that it is possible to recover your Instagram account from a hacker, it’s far better to take steps to ensure that it doesn’t happen in the first place. Here are our top tips to prevent future attacks on your Instagram account:

1. Keep your login details private

This may seem obvious, but one of the best ways to secure your account is to keep your Instagram login details a secret. Don’t tell them to anyone—even friends and family—and don’t write your login information down.

2. Use two-factor authentication

Two-factor authentication (2FA) requires you to provide two different methods of authentication to verify yourself, and it’s a highly effective way of increasing your account security. For example, enabling 2FA may mean that you need to enter a code sent to your cell phone, or use biometric authentication (fingerprint or facial recognition), as well as your password.

This makes it much more difficult for hackers to gain access to your accounts since they need two pieces of information rather than just one.

To enable 2FA for your Instagram account, you’ll need to download a third-party authenticator app like Google Authenticator. Once you’ve done this, open the Instagram app on your phone and go to Settings > Security > Two-factor authentication and follow the steps provided.

3. Create strong passwords

When setting passwords, it’s important that they cannot easily be guessed. Anything involving your birthday or your name is a no-go, as are generic passwords like “password123.”

The best passwords use a combination of uppercase and lowercase letters, numbers, and special symbols. You should also change your passwords regularly to increase your phone security.

Finally, avoid using the same password for multiple accounts, since this makes it easy for hackers to gain access to them. Use a password manager, such as NordPass, to easily and securely store unique passwords for all of your online accounts.

4. Download Certo to protect your device

Certo’s free app, Certo Mobile Security, is one of the best ways to stop hackers from accessing your phone and your social media accounts.

These award-winning apps can detect threats and help you secure your device, to make sure that your private data stays private. Run a free scan today.

Fig 2. Certo Mobile Security for Android

App Store

Play Store

Key Takeaways

When it comes to mobile security, prevention is better than cure. Follow these steps to protect your Instagram account—and your phone—from hackers, and get peace of mind that your personal information is secure.

🕵️ Be vigilant and take immediate action if you discover any suspicious activity on your Instagram account.

🔒 Use two-factor authentication to make it harder for criminals to access your account.

🤐 Never share your passwords or account details, and change them regularly to stop unwanted access.

✔️ Download the free Certo Mobile Security app for iPhone or Android to safeguard your phone and your social media accounts from hackers.

Frequently Asked Questions (FAQs)

Can I recover my Instagram account if it gets hacked?

Yes, in most cases it is possible to recover your Instagram account. Depending on what information the hacker has changed (password, email address, etc.) you should be able to regain access to the account after Instagram has verified your identity. You may need to record a video selfie as part of the process.

Can I contact Instagram if my account has been hacked?

If your Instagram account has been hacked and you can no longer log in, you can get in touch with Instagram for help. To start the process, you’ll need to tap Get help logging in or Forgot password (depending on whether you have an iPhone or an Android) and follow the required steps to regain access to your account.

Can your Instagram get hacked via DMs?

It’s impossible for someone to hack your account if you simply open and view a direct message. However, hackers may try to trick you into opening a link sent to you via DM, and if you do so you could be putting your account at risk.

Can hackers access your Instagram account?

Yes, it’s possible for your Instagram account to be hacked. Look out for any suspicious activity on your account, and download Certo for free to help protect your device.