We stand with Ukraine to help keep people safe. Join us

Tags Data Protection Identity Theft

What to do if your Instagram account is hacked?

Our Instagram profiles have become major parts of our lives. We use them for communication, expression, and business, and having your account hacked could have major repercussions. If you believe that your Instagram account has been hacked, you should check the signs of a hacked account, and recover, or report the hack. To prevent future issues, Clario's Instagram account protection tool can help keep your profile safe and secure at all times.

Table of contents

How to know if your Instagram is hacked

If you wonder if your Instagram account has been compromised, here are some key things you can do to check if your Instagram is hacked.  

Check login activity

The fastest way to know if someone is using your Instagram account without your consent is to check the login activity. If you find a suspicious looking login that does not belong to you, it may belong to a hacker.

Login Activity in Instagram
Check login activity on Instagram

To check what devices your Instagram is logged into, go to your Instagram Profile and select the hamburger button. Then, select Settings > Security > Login Activity. Then, go through the list of areas and see if there are any logins from unusual locations.


If you regularly use a VPN, Instagram may register the location where your exit IP address location. With this, it’s also  good to check if your exit IP address matches your login activity location as well.

Confirm your phone number and email in the settings

Instagram uses your contact details when sending your login information, security notifications, and so on. With this, it’s no wonder why your contact details are one of the first things that hackers change when taking control of an Instagram account.

How to check Instagram personal information details
Confirm your phone number and email in the Instagram settings

If you suspect that someone is attempting to gain control of your profile, quickly check your phone number and email address if they are still up-to-date and correct. To check your saved contact details on Instagram, go to Settings > Account> Personal Information.  

Look for new log notifications in your email

For those who spend a lot of time on the social media app, Instagram will be well aware of your usage. Whenever we log in to new devices, especially in unusual locations, Instagram sends an alert to our email address.  


If you received an email of an unusual Instagram log-in, it may be a sign that your account is not secure enough. When it comes to emails related to security, Instagram uses the email address security@mail.instagram.com. In addition, official Instagram security notification emails will also have a link to automatically revert any questionable changes.


Unfortunately, some hackers have been known to copy this email for their own nefarious means. For this reason, it's best to meticulously inspect any email claiming to be from Instagram, especially when it's asking you to click a link.

Have a look at your feed and stories

In some cases, hackers may post things on your Instagram feed or stories without your consent. If you notice that your account has photos, videos, or stories that you don’t remember posting, it may be that someone is using your account.


These days, it’s easier than ever to add links to stories, especially when you have over ten thousand followers or a verified account. If you have either of these things, hackers may want to target you, so they can post disappearing links that your followers can click.

Open your Instagram direct messages

Hackers that steal Instagram account log-in details continually search for ways to trick friends, family, and followers. One of the common methods of doing this are through the Instagram Direct Message feature.


Whether it's getting them to click questionable links or send you money for a supposed emergency, your Instagram DM will be the primary channel for many bad actors to take advantage of people who trust you.

Review questionable comments

While many of us have awkward moments wherein we send questionable comments, hackers often take it a step further.  Often, these questionable comments appear as generic and bot-like and responding to public Instagram posts. If you find that you are getting notifications, likes, or responses on a comment that you did not write, it's probably a hacker using your account.

Can you be hacked through Instagram DM?

There is no way for you to be hacked if you simply respond to an Instagram DM. However, it is possible to be hacked through an Instagram DM if you click any suspicious links that leads outside the app and into another website. Alternatively, it is also possible you have compromised login details because of using third-party apps.


If you want to avoid putting yourself at risk, it's best to avoid clicking any external links on Instagram, especially if you don't know the person sending it. In addition, it is best to make it a habit to inspect links before clicking them, even if it's from someone you know. After all, it could be coming from a hacker as well.

How to recover a hacked Instagram account

When it comes to recovering a hacked Instagram account, there are several things you can do.


How to recover a hacked Instagram account:

  • Check your email address for signs of hacking
  • Log off all devices by resetting your password
  • Report the hack to Instagram

Check your email address for signs of hacking

It's important to understand that there can be multiple ways that hackers can access your Instagram account. In fact, it may also be a symptom that your other log-in details online are also at risk. If possible, do a sweep of your email address to know if it was hacked as well.  

  1. Check your outbox or sent folder for things that you didn’t send
  2. Open your email trash folder for any emails you don’t recall deleting
  3. Investigate for any possible email forwarding rules

If a hacker was able to get into your email, it's likely that they will be able to still have access to your accounts even if you include additional security methods. For this reason, securing your email should always be the first step.

Log off all devices by resetting your password

As of writing, the only way to log all off devices is to reset your Instagram password. By resetting your password and logging everyone off, you can make sure that no one else is logged into your account before you make any additional changes.

1. Open your Instagram account

2. Go to the log-in screen

3. For Android:  

  • Tap Get help logging in
  • Enter your email address, phone number, or username.

4. For iOS users:

  • Tap Forgot password?  
  • Next, enter your email address, phone number, or username.

5. Tap Next.

How to recover Instagram account password
Reset password on Instagram

Afterward, you will be given further instructions on how to proceed, which is to send a link to log in to your email or through SMS. Once you have reset your password, your account will be logged out of all existing devices which still use the old password.

How to report hacked a hacked Instagram account

If you find that the hacker was able to replace your email address, phone number, or other methods that can be used to regain access to your account, you can opt to report it to Instagram.


Before you make a report with Instagram, make sure to prepare a description of your experience, which includes the following details:

  • Your Instagram username handle and previous handles
  • Original email address or mobile number associated with the account
  • Time and date  you lost access to your account
  • Where you previously logged into
  • Devices you have previously given access


How to report a hacked account on Instagram:

  1. Ask a trusted friend or family member to go to your Instagram profile
  2. Tap the three dots icon in the upper-right corner of the screen
  3. Select Report and follow the instructions


Once you have submitted your support request, the Instagram Support Team may ask for additional information to verify your identity. For example, they may ask you to take a video selfie while turning your head in different directions.

How to prevent Instagram hacking

As with many things in life, prevention is better than cure. If you’ve already experienced an Instagram hack before, it may be good to take steps to make sure that it doesn’t happen again. Here are some quick, effective ways to prevent Instagram account hacks in the future.

Create a strong password

One of the easiest ways to create barriers for potential hackers is by using a strong password. When making a strong password, make sure to use a combination of letters, numbers, and symbols that are difficult to guess. As much as possible, make the password 14 symbols long to deter hackers who attempt to hack you using brute force.


To change your password, go to your profile and click the hamburger icon. Then, select Settings > Security > Password. Then, type your current password, and your new password twice.  

How to change Instagram account password
Create a strong password on Instagram

Once you change your password, all previous logins associated with your old password will also be logged out.  

Enable Two-Factor Authentication (2FA)

Aside from having a strong password, Instagram lets its users make use of two-factor authentication or 2FA. Sometimes called dual-factor authentication, 2FA is a security process which provides users two separate ways to verify their identity.  


With Instagram, you can use WhatsApp, an authentication app, text message, or even other trusted devices as a second authenticating method.

How to enable 2FA on your Instagram account
Enable Two-Factor Authentication on Instagram

To set up 2FA on your Instagram account, go to your Instagram profile and select the hamburger icon. Then, go to Settings > Security > Two-Factor Authentication. From there, you can tap your preferred way to receive your codes.

Instagram accounts contain valuable data

To keep this information safe and prevent your account from being hacked, just use a third-party cybersecurity solution with an Instagram account protection feature such as Clario. Try it today.

  1. Install Clario on your device — available for iOS, Mac, Android
  2. Go to IdentityInstagram protection and click Add account
  3. In a few seconds the app will check level of your Instagram profile protection and will give the report
  4. Click Review and fix
clario instagram account protection

Stay fully protected! Clario will monitor you ongoing for possible breaches.

Start fresh with a safer Instagram account

If you've tried everything but still can't regain access to your account, it may be better to just cut your losses. Instead of trying to regain access to an old account, it may be better to just make a new one that is more secure from the beginning.


To not fall victim to any type of identity theft, remember to never log in to any website with your Instagram login details, avoid giving third-party apps access to your account details, and be mindful of your overall internet safety practices.


Lastly, don't forget to alert your friends and family that someone hacked your account. With this, they can be mindful of any attempts at trying to steal their time, money, or passwords.

Keep reading

Clario’s anti-tracking ensures your private info remains private.

Get started