With the social media user base growing daily, social media account hacks are becoming increasingly common. However, user profiles of some social media platforms get compromised more often than others.
According to the data presented by the Atlas VPN team, based on the Identity Theft Resource Center survey, Instagram users suffered the most from social media account hacks and takeovers in 2021. In total, 84% of social media account takeover victims reported that their Instagram accounts got hijacked by scammers.
Instagram, which has over 1.4 billion monthly active users, is the world’s fourth most popular social media channel.
A quarter (25%) of social media takeover victims also reported losing their Facebook accounts to malicious actors. Twitter was reported by only 3% of social media account takeover victims, followed by WhatsApp (1%) and LinkedIn (1%). A whopping 68% of victims have not regained access to their social media accounts.
Social media accounts are highly valuable to cybercriminals as they hold a wealth of personal information, which may include the user’s full name, email address, phone number, birth date, physical address, photos, private messages, and more, and can be used to commit fraud.
A hijacked social media account can be utilised to take over even more accounts by publishing fraudulent posts, sending the victim’s contact list malicious links, and asking their friends to reveal personal information or provide funds. The malicious actors can also extort the account owner for money in exchange for getting back the stolen account.
Some social media accounts, like Facebook, can be used to log into various other online accounts, such as online banking, which may hold even more sensitive information. Additionally, cybercriminals can sell compromised social media accounts on the dark web.
Top ways hackers gain access to social media accounts
Malicious actors have many methods to trick victims out of their valuable information, funds, or social media accounts.
Posing as a “friend” is an effective scam tactic, as people let their guard down when communicating with people they know. According to the survey, nearly half (49%) of social media account takeover victims clicked on a link in a direct message from a friend before losing access to their social media accounts.
Cybercriminals also use “get-rich-quick” schemes to lure in unsuspecting victims and steal their personal data and accounts. A fifth (20%) of social media victims lost their accounts to cybercriminals by responding to cryptocurrency and other investment scams.
Moreover, over a tenth (13%) of social media account takeover victims provided personal information, including 2FA codes, PINs, and one-time passwords, which led to them losing access to their social media accounts.