Has My Social Media Account Been Hacked?

Cyber hacking has become a normal part of life, and it’s part of the risk people take to enjoy the information, entertainment, and connectedness of social media. Everyone that uses social media, and by extension, the internet, e-commerce, and email, dreads the idea of having their accounts hacked, and their personal information compromised. There are many proactive steps users can and should take to protect their accounts, but here are some tips on what to do when that isn’t enough.

What to do when social media accounts are hacked

Not long ago, a social media hack coursed through Facebook. It happens, even to accounts dormant for months on end. Direct messages containing a copy of a “video” sent from what seemed like friends and relatives flooded many individual messenger inboxes. Responses varied from, “Hey, I can’t open it”, to, “Looks like you were hacked”. After came the onslaught of messages, texting back, “I’ve been hacked! If you clicked on the image, change your password.”

A flood of direct messages from contacts is a big red flag

What to do: If it’s not birthday messages or some big life event that connections are acknowledging, assume an account has been hacked. Change the password right away. Post a notification that the account was hacked and what to look for. A sufficient message example would be, “if you receive a direct message from me with a picture from your homepage, do not click on it! I was hacked.” Also, respond to direct messages from connections, letting them know what happened. Furthermore, check to see if all logins were actually from a correct device and report the incident to the social media provider if someone else is gaining access to the feed.

Here are a few more signs that your social media account was hacked:

Posts appear on your feed that you didn’t post

What to do: Change the password right away. Check to see if the logins were from an authorized device and report the incident to the social media provider. (A log of all logins can be found under settings.)

There is a notification that someone is logged into the account at the same time or from a location not recognized

What to do: Change the password right away. Check the logins and report the incident to the social media provider.

There are a lot of new connections or accounts on the feed

What to do: Unfollow anyone unknown. Change the password right away. Check to see logins and report the incident to the social media provider.

Can’t log into the account

What to do: Report the incident to the social media provider. A quick Internet search for customer service will at least provide a link. Once the account is recovered, obviously change the password. Check for new and unknown connections and posts then delete them.

To protect from a future hack:

Check the privacy settings and make them as private as possible while still being able to comfortably use the service.

Enable multi-factor authentication, if it’s available. Multi-factor authentication will require that, in addition to the password, there is at least one other form of authentication, such as a number texted to the phone, facial recognition, or fingerprint.

Do not click on links in social media posts, direct messages, or download attachments unless the sender is trustworthy. Links and downloads are the most common methods hackers use to steal account credentials and download malware to the device.

Want more information like this delivered straight to your inbox? Click the “Follow” button on the bottom right and enter your email address.

© 2019 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved. This article is for informational purposes only and is not intended to convey or constitute legal advice. HSB makes no warranties or representations as to the accuracy or completeness of the content herein. Under no circumstances shall HSB or any party involved in creating or delivering this article be liable to you for any loss or damage that results from the use of the information contained herein. Except as otherwise expressly permitted by HSB in writing, no portion of this article may be reproduced, copied, or distributed in any way. This article does not modify or invalidate any of the provisions, exclusions, terms or conditions of the applicable policy and endorsements. For specific terms and conditions, please refer to the applicable endorsement form.

Monique Ferraro

Monique is counsel in Munich Re’s US Cyber Practice at HSB. Previously, she was principal at a digital forensics, e-discovery and information security consulting firm and owner of a law firm. Ms. Ferraro is a Certified Information Systems Security Professional.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.