What a week, friends. Whew! I’m trying to keep my head above water and am playing catch up over here, but today I promised to share more about my IG situation. Last Friday, I found myself in the unthinkable scenario I’ve feared since my career on social media got started… my account got hacked. It was my Room for Tuesday / personal account and the place I’ve shared memories with you for more than a decade. It holds the progress and evolution of our home renovations- for multiple homes we’ve lived in, memories from our travels, photos and videos of our dogs- Cash & Crosby, and our beloved Finn who crossed the rainbow bridge, and has been a place where I’ve documented our life. While it feels like a sacred, personal archive for me, it’s also very much tied to my small business and how I make a living. The moment I knew what was happening, I panicked. I wanted to share how my account got hacked, how I was able to recover it so quickly, and my thoughts & tips for other small business owners who rely on Instagram for income. There’s a lot to unpack and share, so if you’re interested or think this post could be helpful for you- click through!
After an already difficult week, I logged into my computer Friday morning with the intention of checking emails, catching up on work, and crossing my daily tasks off the to-do list. Without a second thought, I opened an email from Instagram. The previous week, I had applied for verification and was expecting an email from them anyway, so there was nothing suspicious or odd about receiving a legitimate looking email from Instagram. Nothing was misspelled, the logo was accurate, the content made sense, and it came from an Instagram email. I had no reason to believe it was malicious. I also had two factor authentication turned on (with a screen grab of my backup codes at the ready), a very difficult password in place (numbers, letters, characters, etc), and took all of the necessary precautions to avoid situations like this.
I clicked into the email and I immediately (within a minute) began receiving push notifications that someone had logged into my IG account (with a German IP address), changed my password, and had reset my two factor authentication. Obviously it was not me, so I tried to beat the hacker to the punch to change my settings and password, but it was too late. It happened within a matter of minutes. I began receiving threatening emails from the hacker requesting money to regain access to my account. I did not respond. The hacker removed my links, depersonalized my account, and even went as far to change my account name. He said he was selling my information, content, and account on the dark web. More emails came, more threats were made, and I tried to figure out how to proceed.
During this unnerving phase, with adrenaline on overdrive, it’s difficult to fight the urge to respond… but I knew not to reply. I was spiraling. Mostly because my privacy felt violated, I thought I had lost years of memories, and I knew my business would quite frankly be ruined without Instagram… over a decade of work, down the drain.
I sat at my computer in tears (still in my pajamas), reading tutorials on regaining access, testimonials from others in similar situations, watching YouTube tutorials & testimonials, all while trying to map out my next steps. I followed Instagram’s protocol for hacking– I reported that my account had been hacked. I took screen shots of everything… push notifications, the threatening emails from the hacker, my attempts at trying to regain access, etc. Jordan helped me post from our Tuesday Made account, asking others for help. I spent hours at my desk trying everything I knew to do… with no luck.
Finally, after getting nowhere, I realized I had to rely on people. Who did I know? Who works at Meta that I can connect with? I called friends of friends. I tried to rack my brain for connections. Someone messaged me on my shop account. Another friend said she had a connection. A friend’s brother called and offered to help. Thanks to incredibly kind people, I was finally getting somewhere and felt supported- unlike the basic forum Instagram instructs people to use once their account has been compromised.
My biggest piece of advice if your account has been hacked? Find someone who works at Meta… a person you can actually talk to on the phone or via email.
You’ll also need to create or share a new email address that has never been connected to an Instagram account previously. That’s how they’ll instruct you to regain access after reporting your account has been compromised. Make sure you have a backup email at the ready.
The entire process to recover my account took four days- which is very fast in comparison to most, for which I’m thankful. Again- kind people made this happen for me. I also received lots of notes from those who have been hacked and are in the same situation, who still have not regained access to their accounts- months and years later. I sympathize with them and definitely feel disheartened that this is far too common and it’s difficult to find help. The platforms themselves certainly aren’t helpful.
Throughout this very strange process, I learned a LOT. Here are my best tips for avoiding this situation, protecting your account, recovering your account (if you’re in the same boat), and keeping your small business afloat:
- Turn on two factor authentication AND set up authentication apps.
- Don’t open any emails from Instagram- even if they’re legitimate. They can always contact you in the app directly.
- Post photos of yourself (including your face) in your feed at least every 6-10 photos… so AI can recognize you (my selfie videos failed to work and I submitted 20+).
- If your account is compromised, their FAQ and standard process isn’t likely to work. Instead, rely on people… find someone (legitimate) who works at Meta and speak to them directly.
- Be aware of scammers and hackers who claim they work at Meta… this is another hack that is gaining popularity.
- Do not reply to the hacker or transfer any funds- it’s best to ignore any malicious threats or requests.
- Diversify your business and don’t rely on a singular social platform to push traffic or provide income (use multiple outlets, gather email addresses, use a website you own, etc).
It’s an icky and emotional situation that can make you feel violated, angry, or upset. I know it’s easier said than done, but stepping away from social media altogether during the process can also be helpful. Emmett & I ventured outside of cell and internet service and went camping. Knowing I couldn’t physically login, connect, or scroll was honestly very helpful. It’s a situation that is out of your hands and when lacking control, I found it easier to remove myself from technology altogether. While you’re in the interim, nothing can be done… it’s just a waiting game, so keep yourself occupied and try not to worry.
The other point I really want to emphasize is diversifying your business. If you rely on social media for income, it’s incredibly important to have a presence in multiple places. Keep in mind- you don’t own your social media platforms. If your top account were to suddenly disappear, could you live without it? Let that sink in. Set up a website you own and have complete control over. Begin collecting emails for a subscription list. Use multiple social media platforms, rather than relying on a single outlet. I’m going to link all of the ways you can keep in touch with me, should this ever happen again…
- Email List
- Room for Tuesday Blog
- Tuesday Made Shop
- My LTK Page
- My Amazon Storefront
- Room for Tuesday Facebook
- Room for Tuesday Instagram
- Tuesday Made Facebook
- Tuesday Made Instagram
Let’s keep advocating and helping one another. The bright spot throughout this entire process has been the wonderful people who took the time to message, email, connect, and offer to help. That means something to me. While social media can feel very trivial, many rely on it. It can be a wonderful place, a spot to hold memories, a way to connect, and an outlet to make a living, but it also doesn’t belong to us. When something like this happens, we’re not capable of fixing the problem on our own. It requires people who work at Meta. That was my biggest lesson. It took one malicious person to take my account away from me, and one kind person to regain it. To protect the privacy of those who helped me, I can’t share their information… but I’d definitely encourage you to ask around, put up stories on another account, ask a friend to post for you, and see if you can track down someone who works there and can help. That’s exactly what I did and it worked!
I know this isn’t the normal type of post I’d share, but I hope it’s helpful, insightful, or interesting at the very least. We’ve honestly had a rough May over here. Whew! Emmett is recovering from his surgery and I’m confident I’m getting closer to answers in regards to my own health, so it feels like we’re on the right path and things are looking up. Cheers to the weekend ahead! I’ve got friend time with my girlfriends on the agenda, gardening, and getting a little work done this week. All good things! I’ll bring you along (on Instagram of course, ha) if you want to see what I’m up to this weekend. I’ll also catch up on comments this weekend- so sorry I’m behind! I’m running on little sleep over here this week. Leave your questions for me below and I’ll get to them soon!