Hack No: How to Protect Your Business Instagram Account From Hackers


As a business owner in the digital age, you already know how critical it is for your brand to be visible online. After all, 92.96% of global traffic comes from Google search, Google Images, and Google Maps — and if you can’t be found in those places, you might as well not even exist.

Of course, it’s not enough to just have a website; you also need a Facebook page, a Twitter account, and an Instagram handle. Videos are becoming one of the most popular ways to consume content, as YouTube brings in over 2 billion visitors every month, but Instagram has also ramped up the ways in which businesses can reach new customers through both video and static photo content. In other words, you can’t afford to ignore Instagram in your marketing efforts.

But while Instagram can be a useful tool in reaching new customers, it can also make you a target for malicious activity. If you manage to build up a following or get a lot of attention for your brand on the platform, you might catch the attention from those who want to steal away your success. In general, hacking attempts have increased during the pandemic — and Instagram itself even acknowledged that hacking increased over the summer. As the pandemic drags on and many businesses rely even more on social media to connect with customers, it’s more important than ever to protect your accounts and take preventative measures that can keep your data and branding safe. Here are just a few tips you’ll want to follow to keep your business Instagram account out of the hands of hackers.

Know the Signs of a Hacking Attempt

First, it’s good to familiarize yourself with some of the most common methods hackers will use — and the signs that you might be dealing with a possible hack.

One popular tactic is to embed Instagram posts into articles online — but if you click those posts, you might be taken to a fake login page, which is really just a phishing attempt to obtain your username and password. Rather than clicking on those posts, use your Instagram app (or navigate to the desktop version) to find the account yourself. While it might be more work, it’s far better than unknowingly giving up your login credentials.

In general, it’s never a good idea to click on anything you aren’t sure about. Direct messages containing links are common. You can typically preview a message from accounts you don’t know before you accept it, so you can see if someone has sent you a suspicious-looking link. The best thing to do is to delete the message and block the account. Messages that try to entice you by boosting your follower count or warnings that you could lose your account should be ignored, reported, and blocked.

You should also take the time to monitor your followers for anything suspicious. While removing and blocking bot followers or other malicious accounts will reduce your follower account, those aren’t the people you want following your brand anyway. At best, they’ll simply inflate your numbers without any actual payoff; at worst, they could target your business or even your other followers. Be careful about the accounts you follow back, as well. There’s no obligation for you to follow back those who follow you — and as a brand, you’re better off keeping the list of accounts you follow on the lower end.

As far as recognizing when a hack has taken place, it’s usually pretty straightforward. If you’re suddenly logged out of your Instagram app and are unable to log in, your spidey senses should start tingling. You should also look at your Instagram account from a computer or another account to see whether posts have been added or deleted without your knowledge. This is a sign that your account has been taken over by someone else. The same can be said for discrepancies with followers or accounts you follow. Hackers may even change your Instagram handle, which can make it more difficult to find.

Instagram will typically email you if they notice suspicious activity or a request to change your password. Once you verify that these emails have truly come from Instagram, you’ll need to act quickly to ensure you don’t lose access to your account.

Take All Recommended Precautions

There are a number of steps you can take to make hacking attempts less successful. For one thing, you should always use a strong password and change it regularly. Do not reuse passwords between platforms or apps; instead, use a password manager to keep track of it all. If you have multiple employees who use the Instagram account for your business, a password manager can be especially helpful. When an employee moves on or should no longer have access to the account, make sure to change the password, review the email address for the account, and review login activity.

Businesses should also make sure to enable two-factor authentication. This is probably one of the most important things you can do to secure your account. By enabling this feature, you’ll be sent a unique code to either your mobile device or email that will need to be entered in order to access the account. It may make it less convenient to log in, but it adds a much-needed second layer of security and can make it much harder for hackers to gain access.

Of course, it’s always a good idea to log out of Instagram (and other apps or sites) used on shared devices. Don’t click the “remember me” box on any website, either. Always check to ensure your email is secure, as it’s pretty easy for a hacker to take control of your social media accounts if they’re able to gain access to your email address and phone number. Avoid connecting Instagram to Facebook, as well, since this can make it easier for a hacker to gain control of your brand. If your phone is stolen or misplaced, change all of your social media passwords right away. Around 83% of a company’s workload was predicted to be stored in the cloud last year, which makes it easy for you to access app information; unless you take precautions to protect your data, you could find yourself in a hairy situation.

Monitor Login and App Activity

You can also gain insight into how employees — or unauthorized parties — are using your Instagram account unbeknownst to you. Take a look at your account’s login activity and third-party app usage for more information. The login activity section will show you when (and even from where) logins have occurred, which can allow you to forcibly log those users out. You can also see which third-party apps have been granted access to utilize your account in any way. Instagram recommends revoking access to any apps that don’t follow its terms of use, but you may want to revoke access to any apps you find in this list. Just go to your account settings and look in the section that says “apps.” Any applications that you’ve authorized will be listed here; if you spot anything suspicious, you can simply eliminate them.

Dealing with an Instagram hack is a stressor that no business owner wants to deal with. If your account falls into the wrong hands, you could lose all of your followers and have a hard time building up your brand again. While hack attempts happen all the time, consumers might be less inclined to trust a brand that’s allowed their account to be stolen. To preserve your brand perception and all your hard work, make sure to take these precautions before any suspicious activity takes place.


“Devin is a writer and an avid reader. When she isn’t lost in a book or writing, she’s busy in the kitchen trying to perfect her slow cooker recipes. You can find her poetry published in The Adirondack Review and Cartridge Lit.”