Skip to content

Your Social Media Has Been Hacked And You Don’t Even Know It

pexels-andrea-piacquadio-3755755

Your aunt just got a hot tip from you about an amazing NFT investment opportunity and your best friend just got a sketchy link from you which she wasn’t sure she should open. Your social media has been hacked and you’re the last one to know. 

If this has happened to you, you are certainly not alone, as social media breaches are on the rise. A recent survey revealed that 22% of internet users said that their online accounts have been hacked at least once, while 14% reported they were hacked more than once. 

Celebrities like Adam Sandler, Mariah Carey, and Jack Dorsey have been targeted because they have millions of followers and therefore a massive public platform. 

Although it is too early to know exactly how Carey and Sandler’s accounts were hacked, it is known how the Jack Dorsey account takeover was done. That involved a SIM-swapping strategy, also known as sim-jacking, where Dorsey’s mobile phone provider was tricked into porting the telephone number to a smartphone belonging to the hackers. Once they have control of that number, the hackers can gain access to two-factor authentication codes sent by SMS. This is how many hackers gain access to thire targeted social media accounts of the stars.

Damages to people’s reputation can be considerable. Imagine if your business gets hacked and hate speech, inappropriate images, or threats are posted and tweeted in your name? It’s a fiasco. 

Regardless of whether you are a high-profile person, a business, or just one of the billions of people out there who use social media to connect with friends, family, and networking contacts, you could be a victim of social media hacking. 

These are red flag signs to look out for and actionable steps to take if your social media has been hacked.

Signs that your email or social media account has been hacked

You might have been hacked if:

  • your social media account has posts you didn’t make
  • you can’t log into your email or social media account
  • your Sent folder has messages you didn’t send or has been emptied
  • friends and family are getting emails or messages you didn’t send, sometimes with random links or fake pleas for help or money

If one of your social media accounts has been hacked and you suspect your other apps may have been hacked, you can easily check by going to the security settings to see where you’ve logged in. If there is a suspicious login that clearly was not you, you have been hacked. 

How to avoid social media hacks

* Be wary of public wifi.

The reason? A public Wi-Fi/wireless connection is designed to provide an easy way for anyone in the immediate area who wants to go online to do so. To make that happen, the security measures are often lower. In a lot of places you don’t need a password; at other places, there might be a password, but just about anyone can get it.

* Be careful about adding strangers on social media 

Accepting a social media request from someone you don’t know isn’t inherently dangerous, but it’s often the start of a scam. 

It’s possible the person just wants to boost their number of friends, or they want you to follow them back. But it could be more nefarious than that. If your social profile is set so only accepted friends and followers can see your posts, accepting a random person lets a stranger see personal content. They’ll see who your friends and family are, important information about you like the town you live in or your birthday, and even photos of you. All of these details are exactly what someone needs to pull off a scam.

* Do not click on suspicious links or messages, even if they are posted by someone you know. 

Steps to take if your social media has been hacked 

The Federal Trade Commission’s consumer information page recommends you take the following actions: 

1. Update your security software, run a scan, and delete any malware.

If you’re not sure how your account was hacked, you can use either the security software that comes with your computer, phone, or tablet or download software from a reputable, well-known security company. Then, run it to scan your device for malware. If the scan identifies suspicious software, delete it, and restart your device.

Microsoft has a built-in program that runs a malware scan on your PC for free. It’s incredibly simple, and can keep your computer safe.

2. Change your passwords.

If you’re able to log into your email or social media account, change your passwords ASAP. If you use similar passwords for other accounts, change them, too. Make sure you create strong passwords that will be hard to guess.

If you can’t log in to change your password, check the advice your email provider or social network has available. Several popular email service providers like Gmail and social media websites like Facebook and Twitter give advice on how to restore and protect your account. If someone took over your account, you might need to fill out forms to prove it’s really you who’s trying to get back into your account.

3. Set up two-factor authentication.

While you’re updating your password, check if your email or social media account lets you turn on two-factor authentication. Two-factor authentication requires a password plus something else — say, a code from an authenticator app — to prove it’s really you. Google Authenticator is an example of an app that can be connected to all of your online accounts and adds a solid layer of security.

4. Revoke access to any suspicious third-party apps.

You shouldn’t grant third-party access to websites or apps that don’t follow community guidelines (as on Instagram or Facebook). And websites that offer free followers or likes are definitely a major red flag. 

What To Do Once You’re Back in Your Account

1. Check your account settings.

After you log back in to your email account, check on a few things:

  • Look at your signature block and make sure it doesn’t have any unfamiliar links.
  • Check your settings to see if there are “rules” set up to forward emails automatically. Delete any rules you didn’t set up, so your messages aren’t forwarded to someone else’s address.
  • On your social media account, look for changes since you last logged in — like any new “friends.”

2. Take stock of what’s in your inbox.

Consider what kind of information the hacker might have seen. Hackers look for information that can help them find usernames and passwords to important sites, like online banking or retirement accounts. Consider changing the usernames and passwords for those accounts as well.

3. Look for tracks.

In your email account, review the Sent, Trash, and Deleted folders. You might be able to uncover clues about what the hacker may have done. Search for emails that the hacker sent from your account, or that the hacker may have viewed and then deleted.

In your social media account, check for messages that the hacker might have sent from your account.

This information will help you figure out what information was exposed. If it was, visit IdentityTheft.gov to find out what you should do next.

4. Report misused information at IdentityTheft.gov.

If you the hacker misused your sensitive information, like your Social Security number, to access or open new accounts, to apply for government benefits, to file federal taxes, or any other misuse, report it. At IdentityTheft.gov, you can create an individualized recovery plan to help you recover from identity theft.

5. Tell your friends.

Send your friends a quick email or text, or post something to let them know that you were hacked. Tell them not to click on links in emails from you or respond to a hacker’s fake pleas for help or money. If you’re emailing a bunch of people, put their email addresses in the Bcc line to keep them confidential. You could also send them this article, too.

How to protect your accounts from getting hacked in the future 

  • Protect your information. Think twice when someone asks you to share your username and password. Never give them out in response to an email. If the email or text seems to be from your bank, for example, visit the bank website directly. 
  • Set your security software, internet browser, and operating system (like Windows or Mac OS X) to update automatically.
  • Get well-known software directly from the source. Sites that offer lots of different browsers, PDF readers, and other popular software for free are more likely to include malware.
  • Don’t treat public computers or a friend’s phone like it’s your own device. If it’s not your computer or phone, don’t let a web browser remember your passwords. 

Report any scam posts or messages you encounter on social media to the platform so they can help stop the threat of other people’s accounts getting hacked. 

Social media can be a great way to network, promote your business, and connect with friends and family. And although it is daunting and violating when someone hacks into your accounts, if you take proactive safety steps, you can prevent bad actors from accessing your social media accounts next time around.  

Related Articles

All
  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking
  • Online Privacy
  • Online Safety
Stuart Madnick has been in cybersecurity since 1974 and knows a lot about the costs of cyberattacks.

The Cost of Cyberattacks: Minimizing Risk, Minimizing Damage

Most of us view the internet as a useful and benign tool. But in many ways, it’s…

[Read More]

How to Keep Your YouTube from getting Demonetized

You finally did it–you hit all of the markers for acceptance in the YouTube Partner program, and…

[Read More]

How to Stay Out of Facebook Jail

Many of us have been there before–behind the proverbial bars of social media punishment. We’re left shocked…

[Read More]
Lisa Plaggemier's job is to promote cyber security awareness.

Cyber Security Awareness for Everyone

You can do anything on the internet – shop, bank, meet your future spouse, become famous, and…

[Read More]

Cyberbullying Prevention: What Parents Can Do

It’s very easy for anyone to create a fake online profile and say or do mean things…

[Read More]
Lost iPhone

Lost iPhone? If It’s Missing, Look Up to the Cloud for Help.

Here's an important piece of advice: You need to learn what Find My and iCloud.com can do...

[Read More]