Rubber Stamp with Instagram Logo on white paper

How to stop your Instagram account from being hacked

Social & Email
With Yve Grady-Crewes, from The English Stamp Company

25TH AUGUST 2023

How to secure your account on Instagram? Learn the importance of two-factor authentication, using strong passwords and other safeguarding tips to protect your Instagram account from hackers. Read The English Stamp company’s critical advice to stop this happening to your business…

Social Media Security

Why do you need to protect your Instagram account?

Instagram is so much more than a platform to small businesses. For many of us, it’s a lifeline — perhaps even where we launched or grew. It goes far beyond posting pictures and likes. It’s a digital shopfront where you generate sales, a way to connect with other small businesses, find suppliers, stockists and manufacturers and a place to build a community by igniting conversations and collaborations. In short, it’s a vital channel for many independents.

Instagram hacking is on the rise

  • According to Gitnux stats from 2023, 85% of Instagram accounts and 25% of Facebook accounts were compromised, with 70% of victims being locked out and 71% having their friends contacted by the hackers.¹
  • If your Instagram account is integral to your business, and others can see that, you’re going to be a prime target. Because if you didn’t care if it was gone, you wouldn’t pay to get it back.
  • And when people attack you, they’re going to ask for money — though it’s not just that you lose but years of hard work too.

Yet sadly, many of us overlook the vital task of protecting our accounts from hackers. The good news is that there are simple steps you can take to keep your Instagram presence safe.

What’s it like to have your Instagram account hacked?

Yve Grady-Crewes from The English Stamp Company shared what they went through when their account was hacked back in 2020, and they lost eight years of content and all of their hard-earned followers overnight. Here’s their story (and how you can help ensure this doesn’t happen to you)…

What’s it like to have your Instagram account hacked?

Yve Grady-Crewes from The English Stamp Company shared what they went through when their account was hacked back in 2020, and they lost eight years of content and all of their hard-earned followers overnight. Here’s their story (and how you can help ensure this doesn’t happen to you)…

The English Stamp Company shares their experience of Instagram hacking

The English Stamp Company, a family run business based in Dorset, was established in 1992 and creates bespoke rubber stamps. With almost as many dogs as people working from their factory (a converted dinosaur museum, no less!) Yve has worked for the company for many years and does a bit of everything — from social media to processing orders and even making the odd stamp!

She said, “We were a bit slow to the Instagram party to be honest, but now it’s everything. It’s our shop window. It’s how we promote. It’s how we communicate new products. It’s how we get our inspiration as well — it’s really good for keeping up with key trends and seeing what’s going on out there. And it’s our community and how we interact with customers.”

What happens when you are hacked on Instagram?

Yve shared, “One day, I went onto our Instagram account and it just wasn’t there. We then got an email from ‘Carlo’, probably a bot, saying that he was really sorry for the inconvenience, but he was holding our account to ransom and if we didn’t respond within two hours, he would delete all of the content and our account would be gone. And that’s what happened.”

Holly & Co Lock and Wooden shield
If your Instagram account is integral to your business, and others can see that, you’re going to be a prime target. Because if you didn’t care if it was gone, you wouldn’t pay to get it back.
Holly Tucker on her iPhone wearing a pink top

How to protect your Instagram account from being hacked? Try these top security tips…

You might be thinking, well, Instagram would surely just intervene if you got hacked and give back your account? For Yve, this wasn’t the case. “Your first port of call is to contact Instagram and that’s not very easy. We went through all of their help centre processes and it just felt like we were going around in circles every time, going through all the stages and then coming back to the beginning with no answer.”

So, what do you need to do, right now, to protect your account and make sure this never happens? Here are some security tips.

1. Turn on two-factor authentication within the Instagram app

This is the most important action to take and decreases your chances of being hacked to almost zero. It requires something you know (username and password) and something you have (your phone) every time you login on an unknown device or change your password. This means that every time someone tries to access your account on a new device, you will be notified and have to provide a one time access code for them to be able to get in. You can have this code sent via text message to the person who ‘holds the key’ to your account or you can use a two factor authentication app, such as Duo Mobile or Google Authenticator.

2. Ask, ‘Why should I use strong passwords?’

Pick a strong and unique password that you haven't used for other accounts. Use a combination of at least six numbers, letters and special characters (such as !$@%), and try to avoid repetition. This means not using your kids’ or pets’ names, date of birth or any other information that is easily accessible for hackers to discover. It will be harder for you to remember but, guess what, that makes it a heck of a lot harder to hack, too!

3. Never give your password to someone you don’t know and trust

Instagram will NEVER ask you for your password. Sending DMs that look like they’re from Instagram requesting you to share your password is one of the easiest ways hackers get access to your account. Don’t share it.

According to Gitnux stats from 2023, 85% of Instagram accounts and 25% of Facebook accounts were compromised, with 70% of victims being locked out and 71% having their friends contacted by the hackers.(1)

4. Think before you authorise any third-party apps

Never share your login information with an app that you don't trust. If you give these apps your login information, whether with an access token or by giving them your username and password, they can gain complete access to your account.

5. Ask, ‘How often should account passwords be changed?’

Every three months (or straight away if you see a message from Instagram asking you to do so). If Instagram detects that your password may have been stolen, changing your password on Instagram and other sites helps to keep your account secure and prevents you from being hacked in the future.

6. Make sure your email account is secure

Anyone who can read your email can probably also access your Instagram account. Change the passwords for all of your email accounts and make sure that no two are the same.

7. Remember to log out of shared devices

Log out of Instagram when you use a computer or phone that you share with other people. Don't tick the ‘Remember me’ box when logging in from a public computer, as this might leave it open for others.

8. Make sure you can answer: What is the ‘think before you click’ rule?

  • Hackers usually pretend to be legitimate contacts or companies. Even messages from friends could be compromised, so always verify their authenticity before clicking any links they’ve included.
  • If someone claiming to be from Instagram or Facebook requests your login details, it's a phishing attempt so delete it and report it. Authentic communication from Instagram will come via email.
  • Be cautious of fake emails with deceptive sender addresses, as genuine emails will usually end with @instagram.com, @facebook.com, @support.facebook.com or @mail.instagram.com.
Glitter key
If Instagram detects that your password may have been stolen, changing your password on Instagram and other sites helps to keep your account secure and prevents you from being hacked in the future.
Instagram Like by Tara Collette

9. Keep a backup of your Instagram data

You can keep a backup of your data by requesting a copy of everything you've shared on Instagram in a machine-readable HTML or JSON format. You'll need your Instagram account password to request this information. Yve says, “In the security settings there’s also a backup button. We’d never pressed that before, but you can click the backup, then it takes up to 48 hours and basically Instagram will export and send you in an email, everything you’ve posted — all your photos, all the comments and your messages, everything. So we’re now doing that every couple of months and we’ve got it saved on an external hard drive.”

Small business Instagram accounts are a target for hackers but there are simple things you can do right now to safeguard your account and minimise the risk of being hacked.

How to protect your Instagram: key takeaways…

1. With Instagram hacking, prevention is better than a cure:

If you’re hacked, it’s unlikely Instagram will be able to help you, so set up two-factor authentication now.

2. Protect your Instagram passwords to avoid hacking:

Strong, unique passwords and regular password changes will help. Never share this with anyone.

3. Don't click suspicious links:

Be cautious of fake messages, emails and collaborations.

Sources: 1. Gitnux stats on social media hacking

Useful resources: How to set-up Two-Factor Authentication, More tips for staying safe on Instagram

Images: Social media security graphic — by Ink & Mouse, Holly & Co personalised lock — commissioned by Holly & Co, Glitter key — by Holly & Co, Instagram stained glass heart — by Tara Collette.

Related content

MORE ARTICLES ON SOCIAL & EMAIL