What to do if you’ve been hacked on social media

Your profile pic is now a crypto monkey. Your bio says you’re giving away free iPhones. Your mom just called to ask if you really made $10K from dropshipping. Bad news: you’ve been hacked. Good news: you can fix it.

Let’s walk through exactly what to do—whether you’re still logged in or completely locked out.

Signs that your social media account has been hacked

In the situation we’ve just described above, the signs of being hacked are pretty much impossible to miss. In other cases, however, they can be subtle—like a friend asking about a weird message you don’t remember sending. 

Recognizing these red flags early can help you act swiftly and minimize potential damage:

• Unexpected posts or messages: If your account is sharing content you didn’t create—be it spammy links, odd messages, or unfamiliar posts—it’s a strong indicator that someone else has access.
• Login alerts from unfamiliar locations: Receiving notifications about logins from places you’ve never been? This could mean someone has breached your account.
• Friends reporting suspicious activity: When friends or followers reach out about strange messages or posts from your account, take it seriously. Cybercriminals often use compromised accounts to spread malicious content.
• Changes to account details: Noticing alterations to your email, phone number, or profile information that you didn’t make? Unauthorized changes are a clear sign of a breach.
• New apps or permissions: Spotting unfamiliar apps connected to your account or new permissions granted? Malicious actors might have linked third-party applications to maintain access.
• Sluggish device performance: A sudden slowdown in your device’s performance can indicate malware running in the background, possibly linked to a compromised account.
• Unusual account activity: Check your account activity logs. If you see actions or logins you don’t recognize, it’s time to investigate further.

Being vigilant about these signs can help you catch unauthorized access early. If you notice any of them, it’s crucial to take immediate steps to secure your account.

Immediate steps to take after your account is hacked

Realizing your social media account has been hacked is unsettling, but acting quickly can limit the damage, protect your information, and help you recover access. 

If you can still log in, start there. If you’re locked out, there are still steps you can take to regain control.

If you still have access to your account

• Change your password right away: Make it strong, completely new, and don’t reuse one from another site. If you used that same password elsewhere, change it there, too.
• Sign out on all devices: Most social media platforms let you view and manage the devices where your account is logged in. Use this feature to sign out everywhere. This forces any unwanted sessions to end and makes sure no one else stays connected to your account after the breach.
• Check your account settings: Look for any changes to your email, phone number, or recovery options. If something’s been updated and it wasn’t you, fix it immediately.
• Let your contacts know: If anything suspicious was sent from your account, give your friends or followers a heads-up so they don’t fall for it.

If you’ve been locked out

Being locked out of your social media account can be alarming. Here’s how you can work toward regaining access:

• Start with the platform’s account recovery process: Most social media platforms have a “Forgot Password” or “Need Help?” option on the login page. Use this feature to start the account recovery process.
• Check your email for recovery links: Look for recovery emails from the platform—don’t forget to check your spam folder. They often include a link or code to reset your password. Once you regain access, follow the steps above to secure your account.
• If recovery attempts fail, report the issue: Contact the platform’s support team and share any details that can help verify your identity.

Long-term security measures to protect your social media accounts

Recovering your account is just the start. These simple habits can help keep it protected moving forward.

Use strong, unique passwords (and update them regularly)

Reusing the same password across accounts makes things easier—for attackers. Choose long, unique passwords with a mix of characters, and avoid anything guessable. A password manager like the one included with every ExpressVPN subscription helps you keep track and makes updates a lot easier.

Be wary of phishing attempts and scams

Not every threat looks suspicious. Malicious actors often pose as friends, brands, or support teams to trick you into clicking shady links. If something feels off, don’t rush—double-check before you click or share anything.

Strengthen your privacy settings

Your social accounts may be revealing more than you think. Take a few minutes to review who can see your posts, tag you, or search for you. Tighter settings limit how much info is out there—and who can use it against you.

Enable two-factor authentication across all platforms

Two-factor authentication adds an extra step at login, and that one step can stop someone in their tracks. Most platforms offer it, and once it’s on, it does a lot to keep your account secure.

Monitor your accounts regularly for suspicious activity

Keep an eye out for anything unusual—strange posts, login alerts, or changes you didn’t make. The sooner you catch it, the easier it is to deal with. A quick check now and then goes a long way. 

To further protect your accounts and your online activity, consider using a VPN. A trusted VPN like ExpressVPN can help secure your data, especially when you’re on public Wi-Fi or using unsecured networks.