I’ve been wanting to write a post about Instagram for a while now, ever since I’d read another blogger’s post that I found a little upsetting. Not wanting to act in haste, I sat on the idea of writing the post and over time, the theme of it had morphed until I’d settled on guidelines for engagement via social media, specifically Instagram. However, a scary and eye-opening incident that recently occurred to another Instagrammer that I follow has inspired me to expand the post into a two-part series.
In this first part, I will be sharing the details of that “scary and eye-opening” incident, exploring an important aspect of cyber safety in this relatively new world of social media, and sharing some advice on how to protect your account. In part 2 of this series, I will focus on the philosophy of engagement that I’ve tried to use as my guiding principles as I navigate my way in social media as a blogger and as a follower of blogs. These posts are not sponsored nor am I trying to sell any program or service.
Instagram is the second most popular social media platform next to Facebook and it’s not hard to understand why. Being fairly easy to master, Instagram has harnassed the adage “a picture is worth a thousand words” and made it possible to share that picture with anyone. Select a photo, add a caption to describe the who/what/why, throw in a few of hashtags, and post.
According to the Pew Research Center, as of 2016 18% of online adults between the ages of 50 and 64 are using Instagram (up 60% from 2015). For those between the ages of 30 and 49, the participation rate is 33% (an 18% increase from 2015). When compared to an overall participation rate increase of 14% for all adult online users between 2015 and 2016, it is apparent that the popularity of Instagram with Boomers and Gen-Xers is increasing at a higher rate but at what risk?
The “scary and eye-opening” incident I referenced previously? A few weeks ago, a blogger I know posted that another Instagrammer’s account had been hacked. In her post, the blogger said that she was assisting the hacking victim with posting messages on the wrap up of a challenge the IGer had been managing because the IGer could not get access to her own account. That initial post caused me a moment of pause and pondering on how and why an Instagram account would be hacked.
A couple of days later, my blogging buddy posted in a FaceBook group about the hacking of the Instagram account. She shared that the IGer still hadn’t been able to access to her former account. The IGer had created a new one and was now faced with the task of rebuilding her following. Again, information about the hacking and the IGer’s inability to regain access to her account intrigued and confounded me. I read through some of the comments that had been left on the blogger’s post and was surprised by the number of other bloggers/IGers who told of similar experiences with their own Instagram accounts. Holy cow, how and why were those accounts hacked and more importantly, how do I prevent this from happening to me?
The Hijacking Of An Account
I reached out to Michele (this is a link to her new account), the IGer whose account had been hacked since I wanted to ask her a few questions about the incident. She graciously responded with yes and when we spoke, Michele shared her insight into how she thinks it all went down. All that I’m about to share in this post about our conversation is done with Michele’s knowledge and approval.
By the time we had talked, the incident had occurred a couple of weeks prior so Michele had already done a lot of thinking about the hijacking. She’d also been trying to get her old account back. Michele told me that she believed that the takeover may have been connected to an issue she’d had with using a commonly used app that creates a slideshow for Instagram. About two weeks prior to realizing that her account had been hijacked, Michele had gotten a warning while using the app that one of her photos could not be uploaded because of inappropriate content. This had seemed odd to her because the photos were just like any other that she usually posted on Instagram. Without much thought to it, Michele just loaded up the photos into Instagram using its slideshow option.
A few days had passed when Michele received an apparently authentic email from Instagram. The email told her that her account was under investigation and it asked for a response from her. Even though the email appeared that it might be legitimately from Instagram, Michele didn’t think much of it because she didn’t think that she’d done anything warranting an investigation. So she ignored that one and a few others that she received until one that had been sent on August 12th. That email included a response deadline of August 14th or her account would be suspended. She was instructed to click on the link provided and then Michele was prompted to provide her account name as well as her password which she did. In a nutshell, it appears that she’d fallen for a phishing scam.
Michele’s first inkling that something was amiss with her account was when she noticed that name shown with her comments on others’ posts was slightly different and a short time later, the hacker posted a ransom note on her photo feed. Then the hacker changed the name of the account several times and cropped the photos to remove her face from the images which made it difficult for Michele to prove herself to Instagram as the true owner of the account.
Out of frustration, Michele made an attempt to contact the hacker and asked what was special about her account. She was told that an account like hers with a high number of followers could be sold to an online retailer and if she didn’t pay the ransom then that’s what would happen with hers. Michele didn’t pay the ransom. At the time we spoke, she believed that the account is still active although under another name and the apparent current “owner” (who claimed to have bought it) had also offered to sell it back to her.
The How And Why Of Hacking
First, let me clearly and emphatically say that I’m no expert in this field. Even though I think that I’m quite savvy in the use of a variety of software programs, my knowledge about cyber safety is limited to the advice I get from the professionals. I also know nothing about hacking other than it seems to happen a lot and to people/companies/entities great and small.
All that being said, I did some research for this post as well as to satisfy my own curiosity. I found that there are two key methods for hacking into an account. The first is brute-force by where a program is used to cycle through all possibilities of passwords until a match is made and access is gained. The other method is called phishing which is what appears to have happened to Michele.
In my search for additional information on the subject, I came across an interesting article published by View The Vibe (an online magazine) called Confessions of an Instagram Hacker. The article hits on the psychology behind the “social engineering” approach that is used to get a targeted person to reveal the privately known information that can be used to access that person’s account.
Protecting Your Account
Is your Instagram account at risk? If your account is private, you’d likely not be the target of a hacker because you probably have a low number of followers so there would be little monetary value to your account. Since that’s no guarantee that it wouldn’t happen, you might find the tips provided below helpful to ensure that you’re doing all you can to secure your account and prevent the heartache of having it hijacked. If your account is public and especially if you’ve got a high number of followers, please consider each of these key suggestions that I’ve gleaned from the professionals for improving on the security of your account.
An easy to understand resource on the subject that I found in my research was this article, 12 Steps to Keep from Getting Your Account Hacked. In its online help center, Instagram also provides security tips to help keep your account safe. Practically speaking, these tips would apply to any online accounts you have, from social media to email to banking to shopping and so on. It boils down to the following basics;
- select a good password, protect your password, use different passwords for each of your accounts, and most importantly, remember your passwords
- take advantage of other account access limiters like secret answers, alternate email, and/or a mobile number
- use two-factor (or “multi-factor”) authentication
- periodically review and update all of the above in the event some of your personal information has been compromised during the hacking of another person/company/entity
The one last absolute without a doubt tip to safeguard your account that I want to share with you is to be hyper aware of phishing scams. A company with whom you have an account will never, ever need your password to gain access to your profile. You should never provide your password via email no matter how official the email appears to be or how threatening the message. If any links within an email take you to a log in screen, abandon ship as this is the hallmark of another type of phishing scam. If you are concerned that the email may be legitimate, then make contact with the company via their website and their published “contact us” options.
What To Do If Your Account Is Hacked
Again, I’m no expert on this matter as it wasn’t my account that was hacked. As in any crisis situation, you probably shouldn’t act rashly. Be sure to gather all of the information that you can and assess if any other of your accounts were compromised.
Instagram’s online Help Center provides instructions on how to go about regaining control of your account and then re-securing against a future attack. However, based on Michele’s experience and from what I’ve read about others in similar situations, it may not always be possible to regain control. I also found this article on Log Dog that offers additional advice and steps you can take to enhance your online security.
Upcoming In Part 2
As a platform for visual storytelling and with a community of 600 million, Instagram has become a powerful tool that we can use to connect and engage with one another. In the second part of this series, I will offer my ideas on how to approach this.
In this post, I hope that you’ve found a useful tip or two on securing your Instagram account, as well as others that you have, against hacking. If you’ve been the unfortunate victim of a hacking yourself, what tips do you have to share that might save someone else from the same fate?
Let’s connect! Subscribe, tweet, follow, friend, love, pin … all options are available and waiting for you. I look forward to hearing from you. And don’t forget to add a post or two to this week’s link up.