Instagram Hacked: How to Recover Your Account and Secure It (2025 Guide)

juli 01, 2026 • security

Having your Instagram account hacked is more common than ever, and the consequences range from embarrassing to devastating. Scammers use hacked accounts to spread phishing links, run fake crypto giveaways, solicit money from your followers, or hold your account hostage for a ransom payment.

This guide walks you through every recovery option available in 2025 and 2026 — whether you can still access your email, whether you’ve lost your phone number, and what to do when Instagram’s standard recovery fails.

Signs Your Instagram Account Has Been Hacked

You may not know immediately that your account was compromised. Watch for these warning signs:

  • You receive an email from Instagram saying your email address or password was changed — but you didn’t change it.
  • You’re suddenly logged out and your password no longer works.
  • Followers message you about strange DMs or posts you didn’t send.
  • Your account is posting stories, following accounts, or sending messages on its own.
  • You see login activity from unknown locations in Instagram’s Security settings.
  • Your linked email address has been changed to one you don’t recognize.

How Instagram Accounts Get Hacked

Understanding the attack method helps you prevent it from happening again.

Phishing Links

The most common method. You click a link in a DM or email that looks like Instagram’s login page, enter your credentials, and the scammer captures them. These fake pages can be nearly indistinguishable from the real thing.

Password Reuse

If you use the same password across multiple sites and one of those sites suffers a data breach, hackers test those credentials on Instagram (called “credential stuffing”). If you’ve used the same password elsewhere, your Instagram account is at risk.

Weak Passwords

Simple passwords like “instagram123” or your birthdate can be cracked through brute force attacks within minutes.

Third-Party App Access

Some apps request Instagram login access. If any of those apps are compromised, your Instagram credentials go with them.

SIM Swapping

A hacker convinces your mobile carrier to transfer your phone number to a SIM card they control. They then reset your Instagram password using the SMS code sent to your number.

How to Recover a Hacked Instagram Account

Follow these steps in order. Start with the simplest method and escalate if needed.

Method 1: Use the Recovery Email or Phone Number

  1. Open Instagram and tap Get more help? on the login screen.
  2. Enter your username, email, or phone number.
  3. Välj Send an email eller Send an SMS.
  4. Check your email or phone for a reset link from Instagram ([email protected]).
  5. Click the link within 10 minutes (it expires).
  6. Set a new strong password immediately.

Viktigt: If the hacker already changed your email and phone number, this method won’t work. Proceed to Method 2.

Method 2: Use the Instagram “Need More Help” Video Selfie Verification

Instagram now offers video selfie verification to confirm your identity — even if all your recovery info has been changed.

  1. On the login screen, tap Forgotten password?
  2. Enter your username or email and tap Need more help?
  3. Follow the prompts to submit a video selfie.
  4. Instagram’s automated system compares your face to photos on your profile to verify your identity.
  5. If verified, you’ll receive a login link to the email address associated with your account.

This process can take 24–72 hours. The video is not stored permanently by Instagram and is deleted after review.

Method 3: Report the Hacked Account Directly

If you cannot log in at all and the video selfie option is unavailable:

  1. Go to the Instagram login page and tap Get more help?
  2. Tryck på I can’t access this email or phone number.
  3. Follow the prompts and select the option to report that your account was hacked.
  4. Fill out Instagram’s identity verification form.
  5. If your account has photos of your face, Instagram may use automated facial recognition to verify you.

Alternatively, visit instagram.com/hacked directly from a browser.

Method 4: Check for an Email from Instagram

When a hacker changes your email address on Instagram, Instagram sends a confirmation email to your original email address with a link to reverse the change.

  1. Check your original email inbox and spam folder for a message from [email protected].
  2. Look for the subject line: “We’ve noticed an unusual login attempt.”
  3. Klicka på Secure your account here within the email.
  4. This will revert the email change and give you a chance to secure your account.

This link is only valid for a limited time, so check your email immediately when you suspect a hack.

Method 5: Contact Instagram Support Directly

If all else fails, submit a support request through Instagram’s Help Center:

  1. Go to help.instagram.com.
  2. Välj Privacy and Safety CenterReport SomethingHacked Accounts.
  3. Provide your username, email, and a description of the issue.
  4. Instagram may ask you to verify your identity with a government-issued ID in some regions.

Response times vary from 24 hours to several days. Be persistent and submit follow-up requests if you don’t hear back.

My Instagram Account Was Hacked and the Email Was Changed — Now What?

This is the most frustrating scenario. The hacker has locked you out completely by changing the email address and phone number. Here’s what to try:

  1. Check the original email for Instagram’s “Your email address was changed” notification and click the reversal link immediately.
  2. Try the video selfie option — this works independently of your email or phone number.
  3. Report via instagram.com/hacked with as many account details as possible (original username, linked Facebook account if any, device you used to create the account).
  4. Contact Instagram support multiple times if needed. Some users report success after the third or fourth attempt.

What to Do Immediately After Recovering Your Account

Once you have access again, secure your account before the hacker can regain entry.

  1. Change your password immediately to something strong and unique — minimum 16 characters with letters, numbers, and symbols.
  2. Enable two-factor authentication (2FA) — go to Settings → Security → Two-Factor Authentication. Use an authenticator app (not SMS) for best protection.
  3. Review active sessions — go to Settings → Security → Login Activity. Log out all unrecognized devices.
  4. Review connected apps — go to Settings → Security → Apps and Websites. Remove any apps you don’t recognize.
  5. Check your email account — make sure the hacker hasn’t also accessed your email. Change your email password.
  6. Inform your followers — post a story letting your followers know your account was hacked and to ignore any messages sent during that time.
  7. Update your email password and consider using a different email for Instagram than you use publicly.

How to Prevent Your Instagram from Being Hacked Again

Use Two-Factor Authentication (2FA) with an Authenticator App

This is the single most effective protection available. Even if a hacker knows your password, they cannot log in without the code from your authenticator app. Avoid SMS-based 2FA since SIM swapping can bypass it.

Never Click Login Links in DMs or Emails

Instagram will never ask you to log in through a DM link. If you receive a message claiming your account is at risk with a link to log in, it’s phishing. Go directly to instagram.com instead.

Use a Unique Password for Instagram

Your Instagram password should not be used anywhere else. Use a password manager like Bitwarden (free) or 1Password to generate and store a strong, unique password.

Review Third-Party App Permissions Regularly

Check Settings → Security → Apps and Websites every few months. Revoke access to any apps you no longer use or don’t recognize.

Set Up a Trusted Contacts Backup

In Settings → Security, you can link your account to a Facebook account, which provides an additional recovery path if your Instagram access is lost.

Vanliga frågor

Can I recover an Instagram account without email or phone access?

Yes. Instagram’s video selfie verification allows you to confirm your identity without access to the linked email or phone number. The process takes 24–72 hours and compares a video you record with existing photos on your profile.

How long does Instagram take to respond to a hacked account report?

Instagram typically responds within 24–72 hours, though some users report waiting up to 7 days. If you don’t receive a response, resubmit the request or try a different recovery method.

What if the hacker deleted my Instagram account?

Instagram keeps deleted accounts for 30 days before permanent removal. If your account was deleted by a hacker, contact Instagram support immediately. If you act quickly enough, recovery may still be possible.

Can the police help recover a hacked Instagram?

Filing a police report creates a formal record, which can be useful if financial fraud occurred. However, police generally cannot compel Instagram to restore an account faster. Instagram responds only to its own support channels.

Why is Instagram asking for a video selfie to verify my identity?

Instagram introduced video selfie verification as a secure, phishing-resistant way to confirm your identity without relying on email or phone access. It uses automated facial comparison with your existing profile photos. Instagram states the video is deleted after review.

How do I know if someone is using my Instagram account right now?

Go to Settings → Security → Login Activity. This shows every device and location currently logged into your account. If you see unfamiliar entries, tap them and select “Log Out.” Then change your password immediately.

security, Cybersecurity Author at Security Briefing

säkerhet

admin är en senior personalförfattare för Government Technology. Hon skrev tidigare för PYMNTS och The Bay State Banner och har en BA i kreativt skrivande från Carnegie Mellon. Hon är baserad utanför Boston.

sv_SESwedish