Hackers on social media are getting bolder and trickier — from fake logins to sneaky DMs, it’s easier than ever to get conned if you’re not careful. The good news? You don’t need to be a tech expert to stay safe. In this article, I break down what you can do to keep your accounts secure and out of cybercriminals’ hands.
10 tips on how to avoid getting hacked on social media
There are countless ways to lose your data on social media — and to get hacked as well. But you’re far from defenseless. Follow these common cybersecurity tips to secure your social media accounts from hackers:
1. Create strong and unique passwords
Passwords are still important. At this point, we probably already know all the basics:
- More than eight characters long;
- Combines letters and numbers;
- Includes at least one special character;
- Not used on any other account.
Yes, it may be hard to remember all those combinations — but that’s the price of safety. Complicated passwords combining letters, numbers, and special symbols are very hard to crack. Meanwhile, non-unique passwords can be leaked in data breaches and reused to hack into your accounts.
That’s why you should use a password manager to generate and store your secure passwords — you’ll only need to remember one strong password for the vault.
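As an added illustration (not code from this article or from any particular password manager), the sketch below generates a password that meets the checklist above and audits a constructed sample vault for broken rules and reuse. The names `rule_failures`, `generate`, `audit` and the vault contents are assumptions made for the example.

```python
import secrets
import string
from collections import defaultdict

SPECIALS = "!@#$%^&*()-_=+[]{};:,.?"
ALPHABET = string.ascii_letters + string.digits + SPECIALS

def rule_failures(password: str) -> list[str]:
    """Return the checklist rules (from the list above) that a password breaks."""
    failures = []
    if len(password) <= 8:
        failures.append("8 characters or fewer")
    if not any(c.isalpha() for c in password) or not any(c.isdigit() for c in password):
        failures.append("does not combine letters and numbers")
    if not any(not c.isalnum() for c in password):
        failures.append("no special character")
    return failures

def generate(length: int = 20) -> str:
    """Draw from the OS CSPRNG and retry until every rule is met."""
    if length <= 8:
        raise ValueError("length must be more than eight characters")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not rule_failures(candidate):
            return candidate

def audit(vault: dict[str, str]) -> dict[str, list[str]]:
    """Map each account to its problems, including reuse across accounts."""
    by_password = defaultdict(list)
    for account, password in vault.items():
        by_password[password].append(account)
    report = {}
    for account, password in vault.items():
        problems = rule_failures(password)
        others = [a for a in by_password[password] if a != account]
        if others:
            problems.append("reused on: " + ", ".join(sorted(others)))
        if problems:
            report[account] = problems
    return report

# Constructed sample vault (not real credentials).
VAULT = {"facebook": "Summer2021!", "instagram": "Summer2021!",
         "linkedin": "password1", "x": generate()}

if __name__ == "__main__":
    for account, problems in audit(VAULT).items():
        print(account, "->", problems)
```

Note that "Summer2021!" passes every character rule and is flagged only for reuse, which is why the fourth item on the checklist matters as much as the first three.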
2. Enable two-factor authentication
Suppose somebody got your social media account’s password in a data breach or stole the sticky note you’ve written it down on. What’s to stop that person from logging in? It’s 2FA (Two-Factor Authentication) — a simple extra step that helps.
With 2FA, every login has to be confirmed via another method, like entering a code from a text message or a dedicated app. This way, a criminal needs a lot more than just your username and password to access your accounts.
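To show what the "dedicated app" variant does under the hood, here is an added example (not part of the original article) of time-based one-time codes as specified in RFC 6238, with the server-side check. The `login` helper and the drift setting are assumptions for illustration; the secret is the RFC's published test key, not a real credential.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds each code stays valid (the common default)

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(secret: bytes, now: float, digits: int = 6) -> str:
    """Time-based code (RFC 6238): HOTP over the current 30-second window."""
    return hotp(secret, int(now) // STEP, digits)

def verify(secret: bytes, submitted: str, now: float, drift: int = 1) -> bool:
    """Server side: accept the current window plus `drift` windows either way."""
    counter = int(now) // STEP
    return any(
        hmac.compare_digest(hotp(secret, counter + d), submitted)
        for d in range(-drift, drift + 1)
        if counter + d >= 0
    )

def login(password_ok: bool, secret: bytes, code: str, now: float) -> bool:
    """Both factors must pass; a leaked password alone is rejected."""
    return password_ok and verify(secret, code, now)

# Constructed sample: the secret is shared once at enrollment (usually a QR code).
SECRET = b"12345678901234567890"   # RFC 6238 test key, not a real credential

if __name__ == "__main__":
    t = 59
    print("app shows:", totp(SECRET, t))
    print("password + code:", login(True, SECRET, totp(SECRET, t), t))
    print("password + guess:", login(True, SECRET, "000000", t))
    print("old code, 2 min later:", login(True, SECRET, totp(SECRET, t), t + 120))
```

The code never travels with the password and expires within about a minute, so credentials taken from a breach are not enough on their own to pass `login`.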
3. Secure your email accounts
The password and 2FA advice apply to your email accounts, too. What’s more, you may want to keep your email address as private as possible.
You can do this by using a temporary or alternative email address. Such services usually give you an address that doesn’t link to your main one but still forwards the mail to your primary inbox. For example, Surfshark’s Alternative Email allows you to generate multiple alternative email addresses with an accompanying online alias and more.
4. Avoid logging into your accounts on unprotected or public Wi-Fi
Free public Wi-Fi is always a major attraction point — and a common target for cybercriminals. They have ways to compromise the local hotspot’s security, or to imitate it with a fake hotspot, and then gather your data.
You can protect yourself, though — just use a VPN. It encrypts the traffic leaving your device, so anyone snooping on the hotspot finds it virtually impossible to read or misuse.
5. Never click suspicious links
No matter how they’re delivered — emails, messaging apps, private messages, or even as posts on your social media feed — never click on suspicious links online. At best, you’ll get spammed or exposed to a phishing attempt; at worst, your device could be infected or your account hijacked.
6. Get trustworthy antivirus software
Antivirus software helps defend against malware, viruses, and other digital threats. It can provide real-time protection against new threats and scan your device for threats already present. Make sure to choose one that’s well-reviewed and reliable, like AV-TEST-certified Surfshark Antivirus that’s part of an even broader cybersecurity suite.
7. Do not engage in piracy
Pirated files and websites hosting them often carry hidden risks. Aside from being illegal, they’re breeding grounds for scams and malware. The safest choice is to stay away from that entirely.
8. Update your software
An important part of software updates is security patches for newly discovered vulnerabilities. Keeping your system up to date is one of the easiest ways to stay secure, so don’t ignore or postpone those updates.
9. Be cautious of random social media friend requests and messages
Just because you get a friend invite or a message on Facebook, Instagram, Discord, or anywhere else doesn’t mean the sender has good intentions. Scammers often use fake profiles to spread phishing links or malware.
10. Use data leak monitoring services
Even if you’re careful, data breaches can still affect you. Thankfully, data leak monitoring tools like Surfshark Alert can help by notifying you when your email, password, or other personal info shows up somewhere it shouldn’t. The sooner you know, the faster you can take action.
How to know if your social networking account has been hacked
Not all hackers are going to lock you out of your social media accounts right away. Some like to stay hidden, letting you keep using the account to make it seem that everything is normal. But even then, there will be indications that your social networking account has been hacked. Some hacking signs common to all major social media platforms include:
- Receiving emails about changed username, password, email, or other account settings when you haven’t changed anything;
- Issues logging in;
- Posts made by your account that you never made;
- Follow or friend requests sent to people you don’t know;
- Sent messages that you didn’t send;
- Spotting an account that seems to be a copy of yours;
- Logins from devices or locations you don’t recognize.
All of these happen on just about any social network. But some signs are more specific to certain platforms:
Signs that your Facebook account has been hacked
- Posts are appearing on your timeline that you didn’t post;
- Logins on unrecognized devices — you can check them in Settings & Privacy -> Activity Log -> Where you’re logged in.
You can also read detailed instructions in our dedicated blog post: How to tell if your Facebook has been hacked.
Signs that your Instagram has been hacked
- Account suspended for spamming other users;
- Personal details changing;
- Posts and reels that you didn’t post.
Signs that your X account has been hacked
- Mass follows/unfollows you didn’t do;
- Comments (with spam links) that you didn’t post;
- Account locked for spam or suspicious activity.
Signs that your TikTok account has been hacked
- Your videos have been deleted;
- New videos posted that you didn’t upload;
- Your registration phone number changed.
Signs that your LinkedIn account has been hacked
- Posts on your timeline that you didn’t make;
- Unknown invites accepted;
- Messages to users you didn’t message.
What do hackers look for on social media?
A scammer may turn to your social media profiles to gather information, even without hacking. They can collect personal details just by browsing your profile and use them later in scams or phishing attempts. Here’s what cybercriminals may find without breaking into your accounts:
- Your name and surname;
- Email addresses and phone numbers;
- Your location (country, city, address);
- Your date of birth and age;
- What you look like;
- Your workplace and position;
- Past education and employment history;
- Your relationship status;
- Your family and friends’ names and other details.
If hackers manage to actually hack your account and gain the ability to post or message on your behalf, they might:
- Send spam links to people you know;
- Go through your messages looking for login or financial data;
- Post spam links on your timeline or in comments;
- Search for sensitive information they could use for blackmail.
Which social media platform gets hacked the most?
It’s not always easy to get exact numbers, but we can still get a sense of which platforms are most affected. According to 2021 data from Statista, 37% of users had their social media accounts hacked. Of those:
- 77% experienced Facebook hacks;
- 35% had their Instagram accounts hacked;
- 25% experienced hacks on TikTok, Twitter, and/or YouTube.
What should you do if you’ve been hacked on social media?
If hackers gain access to your social media accounts, don’t panic and follow these steps:
1. Change your password immediately
A hacker can’t keep control of your account if they don’t have the password. So, head to the platform and change your password right away.
Then, you should log out of your account on all other devices.
If you’ve used that same password for multiple accounts, update them, too.
2. Contact the social media platform
The social media platform support teams usually have protocols and procedures to follow in case of a hack or breach. Contact them if you’re having trouble resetting your password or if you need help securing your account.
3. Check for any suspicious activity on your account
Hackers may have used your account to send spam, post scam links, follow strange pages, or message your contacts. Take some time to review your posts, messages, and settings to see what’s changed.
In conclusion: stay safe on social media
Even though social media platforms have gotten better at security, they’re still not completely risk-free, and hackers are always looking for ways in. That’s why you should stay proactive about your online safety, no matter which platform you’re on.
A good first step is using a VPN to protect your data, especially on public Wi-Fi. For broader protection, consider Surfshark One — a comprehensive cybersecurity package that includes a VPN, antivirus, data leak alerts, and more to help keep your online life secure.
Frequently Asked Questions
How can someone’s social media account get hacked?
Hackers can access your social media account in several ways:
- Getting your login information through a phishing attack;
- Stealing your login details via malware;
- Using credentials leaked in a data breach.
How do I recover my hacked social media account?
A hacked social media account can potentially be recovered by contacting the official support team of that specific platform. However, not all platforms guarantee recovery. It depends on the company’s policies and available support.
Be cautious of people online who offer to recover your account for a fee — those are scams.
What should I do if my social media account is hacked?
If your social media account has been hacked:
1. Reset your password: go to the platform’s settings and change the password immediately.
2. Contact support: let the support team know what happened and follow any steps they recommend.
3. Check your messages and posts: the hacker may have sent spam or posted unwanted content — inform your contacts of what happened and warn them not to engage with whatever has been shared.
Why are so many people getting hacked on social media?
Cybercrime has been on the rise for a long time. When COVID kept people at home, they turned to online platforms more than ever, creating more opportunities for attackers. At the same time, cybersecurity awareness hasn’t kept pace.
So, hackers are more motivated to go after users on social media, using fake ads, scam comments, and spam messages to trick them. In addition, some platforms have reduced their security teams or suffered large data leaks, making the situation worse.