Instagram, the wildly popular photo and video sharing app, continues to pull in new users. Meta’s social media platform is projected to be used by over 30% of the world’s internet users by 2025.
The giant user base draws in waves of cybercriminals. Hacked Instagram accounts are easy money, selling for US$40 a pop, according to the 2022 Dark Web Price Index.
Rates of Instagram account hacking rise every year. This begs the question: is your business or precious memories safe on Instagram?
Turns out there’s plenty you can do to improve your Instagram account’s security.
What methods do hackers use to break into your account?
Before we discuss securing your account, it’s essential to know how hackers gain access in the first place. Here are the most common Instagram account hacking methods.
Is your password simple and easy to guess? Chances are it’s just as easy for hackers. Weak passwords continue to be the prevailing reason for hacked accounts. It’s also one of the easiest parts of your cybersecurity to improve.
Not every public Wi-Fi is safe and secure. In fact, you might even be browsing over a hacker’s own Wi-Fi. They wait in between your device and the router while you hand your private data to them on a silver platter.
Phishing via email or DM
Beware of suspicious links, whether sent to you by a stranger in your Direct Messages (DMs) or via email. Many of these lead to false login pages where you’ll be sending your username and password right to hackers.
Vulnerable third-party apps
All our apps speak to each other nowadays. This interconnectivity is convenient but creates some significant security holes. If your Facebook account is connected to your Instagram, when one becomes compromised, they both do.
8 essential tips to keep your Instagram account safe
Don’t delete your Instagram account just yet. For the majority of account hacking methods, there are some simple cybersecurity changes to prevent them. Listed below are the top 8 tips to protect your Instagram account from being hacked.
#1. Use stronger passwords
Barely anyone can get by without passwords now. They give us access to all of our most valuable data. Often, losing your account leads not only to emotional distress but also financial loss, and even damage to your credibility. No amount of cybersecurity can make up for a weak password.
But fear not, here are the pillars of strong password security:
- Each password should be unique and hard to guess.
- Use both uppercase and lowercase letters.
- It should include numbers and at least one special symbol (i.e.: ! $ ? &).
- Passwords should ideally be too complicated to memorize.
- The more characters, the better.
Furthermore, it’s recommended you use autogenerated passwords stored in a password manager. That way, you don’t have to remember a single one, and each one is as secure and unique as the other.
#2. Take extra precautions on public Wi-Fi
As mentioned, public connections aren’t always the safest places for your devices to be. Your data is sent back and forth from a router, and if a hacker sits in between, they can collect all the data along its route.
However, I’m not about to start telling you to avoid public Wi-Fi – let’s be honest, you won’t. Instead, create your own encrypted tunnel for your data with a Virtual Private Network (VPN). Unsure if you need one? Try out a VPN free trial.
With this tool, you can still connect to any public Wi-Fi, but safer. The VPN will mask your IP address, browsing habits, and your private login data. Even if you’re on a hacker’s fake connection, they’ll only see that you’re using a VPN and nothing else.
#3. Enable Two-Factor Authentication (2FA)
2FA is becoming a standard cybersecurity measure globally. Even your Instagram can take full advantage of this modern security upgrade. Instagram now offers alternate methods of 2FA, depending on your preference.
You can choose between:
- Authentication app: You’ll be redirected through your preferred authentication app before logging in. If you don’t have one, Instagram will recommend one.
- Text message: Once you’ve entered your password, Instagram sends a code via text to your confirmed phone number. Enter it in the app, and you’re good to go.
- WhatsApp: If “Text message” 2FA is enabled, you can choose to have a code sent to your WhatsApp instead.
All of these settings can be accessed through the “Security” settings, under the “Two-factor authentication” tab.
#4. Beware of fraudulent links
As the Instagram audience continues to grow, phishing attacks are more rampant than ever. While most common via email, fraudulent links are now often sent through DMs. Never follow a link sent to you by someone you don’t know.
Imposters on email and DMs claim to be Instagram and often ask you to verify your login details. If you follow the link, you’ll end up on a copycat login page. But instead of verifying anything, you’re sending your login data straight to hackers.
EXTRA TIP: Now if you receive an email from Instagram, it should also show up under the “Emails from Instagram” tab in Instagram’s “Security” settings.
#5. Secure your email accounts
No matter how secure your social media accounts can be, they all rely on a secure email address. If that email account is hacked, so too is every social media account attached to it.
With control of your email, every one of your passwords can be changed. Upgrade your email security with 2FA or email authentication. These are small improvements than protect every one of your social media accounts, including Instagram.
#6. Revoke third-party access to Instagram
Including Facebook, third-party apps can ask for access to your Instagram account with your permission. If a third party is compromised, so too is everything it’s linked with. The best way to prevent this security flaw is to revoke the access between the apps.
You can see what apps are connected to your Instagram with the following steps:
- Go into your Instagram settings.
- Press on the “Security” section.
- Under data and history, tap “Apps and websites”.
- In this menu, you can see the active, expired, and removed apps connected to your account. Tap on an app to review or revoke its authorization.
The apps listed here can be photo editing, gaming, or even dating apps. Revoke access to any suspicious apps or those you don’t use anymore. Even apps you used years ago can still have the authorization to access your social media account.
#7. Block and report suspicious behavior
Ultimately, many hackers and frauds get away with their behavior because people don’t report them. Just because you didn’t fall for their tricks doesn’t mean the next person won’t. Reporting anything suspicious helps everyone on the platform.
Suspicious behavior includes, but is not limited to:
- Strangers asking for login data or email addresses;
- New followers insisting you DM with them;
- Empty profiles with generic/stolen profile images;
- Anyone that asks you to follow a strange link.
Reporting these individuals helps Instagram to pick out hackers and frauds in the future. You might also save another user from losing their account. After reporting them, you should block all suspicious followers or accounts.
#8. Inspect the “About this account” section
Instagram introduced a great feature to help you distinguish between genuine and fraudulent accounts. When on a profile, tap the 3 dots to the right of the username. Click “About this account” to get a deeper look into some core details about the user.
In this section, you can view:
- When the user joined Instagram;
- What country they’re based in;
- How many usernames they’ve used;
- If you have any shared followers.
This information is vital as fraudulent accounts are often brand new, and have used multiple usernames. Especially if they claim to be from somewhere they aren’t. A lack of shared followers should also make you question how and why they found you.
It’s too late! I think I’ve been hacked – what should I do now?
If you believe your Instagram account has been hacked, there are a few red flags to look out for. Among them are the following:
- Pictures have been posted that you didn’t post yourself;
- Usernames and other details have been changed;
- You’re 100% sure your login details are correct but you can’t log in;
- You’ve received an email describing a suspicious login or password change.
Recovering an Instagram account
If any of these warning signs sound like what’s happening to you, change your password immediately. If you can’t access your Instagram to do this, there are still a few ways you can recover your hacked account.
Request a login code or link
On the login page for Instagram, tap on “Get help logging in”. Here you can request a password reset link to be sent to your email address. Alternatively, you can request a temporary code to be sent via text message.
Check for a change of password email
Instagram will most likely send you an email when your password has been changed. Often in these emails, you can follow a link to simply reverse the change and regain access. Just make sure to change your old password straight away.
Contact Instagram support
If all else fails, your next step should be to contact Instagram support. Do this easily at the login page by following these links:
- “Get help logging in”;
- “Can’t reset your password?”;
- “Try another way.”
This is still not guaranteed to work, hence why preventative measures are so essential.
Just because social media hacking rates continue to rise, doesn’t mean you need to be a victim too. The list of cybersecurity improvements you can make is extensive and easy to execute. A major thing standing between hackers and your personal, private data is you. Beef up your Instagram’s security and relax knowing your information is safe and sound.