Hacked!

Dollars & Sense, Engagement & Social Media|October 4, 2024
Reading Time 5 minutes

Your social media account has been hacked. What’s next?

By Jennifer Paulson

Don’t let hackers take over your social media. Be prepared with these tips to prevent a hack and report one when it happens. Photo by Florian Olivo/Unsplash

It can happen to accounts of all sizes, from all different business types, all around the world, and, in many cases, it can be a major pain to overcome. Hacking can shut down your social media accounts in short order, leaving you without one of your key means of communicating with your audience.

Some surveys estimate 22% of internet users have their online account hacked; 14% say they were hacked more than once. So it’s not if you’ll get hacked, but really a matter of when you’ll be victimized.

Arm yourself with background information about how to prevent a hack, how to know when you’ve been hacked, and what to do to regain control of your social presence.

Before the Hack

An ounce of prevention really is worth a pound of cure. Stave off a hack with these quick, easy tips.

  • Use a strong password. We know. Keeping track of passwords is at least as challenging as untangling extension cords that weren’t stored correctly. A strong password has eight random characters—a mix of upper- and lowercase letters, numbers, and special characters. Stay away from sequential numbers or letters, as well as repeating characters.
  • Keep your password safe, and don’t reuse passwords. Sure, it’s easy to keep your passwords on a sticky note beside your computer. But when someone happens to see it, you can leave yourself open to a stolen account. 
  • Use two-factor authentication. Most often, this looks like you logging in as usual, and then you get sent a text message with a special code to verify that you’re the account owner. A hacker might be able to get past the first level of authentication, but it’s unlikely they’ll get past the second. 
  • Beware of phishing scams and third-party apps. Watch out for obviously fraudulent email addresses, and never “verify your account” unless you’re 100% sure it’s a legitimate request. Third-party apps can include those that help you schedule your social media. While they’re helpful, they can leave you open to a hack attack.

You’ll Know When…

For most users, a hack is obvious. You’ll see a string of posts that you—or your social media manager—didn’t create and post. Alternately, you might be an email alerting you that your password has been changed even though you didn’t instigate a change. This is why it’s critical to actively check your email and your online presences on a regular—daily, if possible—basis. Then you can quickly identify a potential hack and get to work saving your accounts and online identity.

Where to Start

Begin with changing your passwords on any account that might be compromised. If you use the same email/password combination on multiple sites, be prepared to change all of those logins. 

Additionally, alert your audience, customers, and sponsors that your account might be compromised so they don’t think the hack posts are coming from you. You might not be able to post from your business account, so use your personal account and other social media platforms to spread the word.

Flag all posts made by the scammers to help protect your friends, family, and customers who might see them. You can do this by clicking the three dots in the upper-right corner of any post. Choose “Find support or report this post” to alert the platform that illegitimate posts are coming from your account. You can also ask all of your followers to do the same.

If you can, delete the hacker posts from your account.

Cover Yourself

Some hackers are relentless. They’ll continue changing your password immediately after you’ve already updated your credentials. What can you do that a hacker can’t? Go live. Show your face, which your audience will likely recognize, and ask your followers to flag all fraudulent posts and tell them not to click on anything.

While you’re at it, take screenshots of fraudulent posts to show authorities from the platform. The evidence might never see the light of day, but it’s better to have it on hand in case you need it.

Report, and Be Patient

Immediately report any hack to the platform for resolution. The help center should direct you through the most recently developed process to alert the platform that your account has been hijacked. When you do make the report, be persistent but also patient. It can take at least 24 hours to hear back, which can seem like an eternity when someone has hijacked your social media.

‘Why Do I Need a Website?’

Professionals often ask what’s the point of having a website when social media seems to be the go-to for information. In instances of stolen identity or hacked social media, your website can be the only means you have to communicate with your audience.

You don’t “own” your social media pages—the platforms do. However, in the case of your website, you do own that property and all the information shared there. If your Facebook account was hacked and couldn’t be returned to you, you’d be forced to rebuild that audience and all of the content lost in the hack. You’ll have to prove your identity to win back your fans and followers. It takes a lot more work to do all of that than it does to keep a tidy, updated website.