STEPS: How to recover your hacked social media accounts

Whether it’s your email, social media or some other type of online service, there are many things which can alert you to the fact that someone else is accessing your account.

Being locked out of the account is a visible indication that something has gone wrong, but the signs can be more subtle. Things to look out for include logins or attempted logins from unknown locations or at unusual times. Changes to your security settings and messages sent from your account that you don’t recognise are also indicators.

However you discover the problem, once you know your account has been hacked, this is what you should do:

Update your devices

The Operating Systems and apps on the devices you use should all be updated. These updates will install the latest security fixes. If you have, it installed, run a scan with up-to-date antivirus software. This isn’t usually necessary for phones and tablets.

Contact your provider

If you can’t access your account, go to the account provider homepage and find a link to their help or support pages. These will detail the account recovery process.

If you can’t find what you need on the service’s website, try a search engine like google or bing. For example, “Facebook account hacked.” Follow links to the service’s advice.

If your email account was hacked

Once you’ve regained control, check your email filters and forwarding rules. It is a common trick for the person hacking an account to set up an email forwarding rule that sends a copy of all your received emails to them. Information on how to do this should be found in your provider’s help pages.

Change passwords

Once you have confirmed there are no unwanted email forwarding rules in place, change the passwords on all accounts which have the same password as the hacked account. Then change the passwords for all the other accounts that send password reminders/resets to the hacked account.

Set up 2-factor authentication

This provides an extra layer of protection against your account being hacked in the future.

Two-factor authentication (often shortened to 2FA) provides a way of ‘double-checking’ that you are the person you are claiming to be when you’re using online services, such as banking, email or social media. It is available on most of the primary online services.

When setting up 2FA, the service will ask you to provide a ‘second factor’, which is something that you (and only you) can access. This could be a code that’s sent to you by text message, or an app.

Notify your contacts

Get in touch with your account contacts, friends or followers. Let them know that you had been hacked. This will help them to avoid being hacked themselves. You should contact the people you know regardless of whether you managed to restore your account or not.

If you can’t recover your account

You may choose to create a new one. Once you’ve done this, it’s essential to notify your contacts that you are using a new account. Make sure to update any bank, utility services or shopping websites with your new details.

Contact Cyber Emergency Response

If you feel that you have been affected by an online crime you can report a cyber incident to the Uganda Police Electronic and Counter Measures Department; the Uganda Computer Emergency Response Team; the Uganda National Computer Emergency Response Team & Co-ordination Center using their online fraud reporting tool.

UCC