If you are the unfortunate victim of a hacked Twitter account, rest assured you are not alone. It’s happened to everyone from Taylor Swift to Pierre de Vos.
Even Twitter creator Jack Dorsey was hacked back in 2019. He had 4.2 million followers at the time.
Those who knew him could immediately tell something was off when he tweeted, “Follow @taytaylov3r or Twitter [headquarters] is blowing up”.
If you need to secure your Twitter account (or recover from a recent hack) we have you covered. Keep reading:
Prevent Twitter hack with 2FA
The most important step is to enable Two-Factor Authentication (also known as 2FA, Two-Step Verification or Dual-Factor Authentication).
You’ll find this in your account’s security settings: Settings and Privacy, then Login and Security, then select Security.
Here you will have the option to select your 2FA of choice.
Text message or a physical key
If you select ‘Text Message’, a code will be delivered to your number via SMS whenever a new login is detected.
You could also request a physical security key which you’ll need to keep in a safe place (and easily accessible) for when you lose access to your account.
Use an Authentication App
Alternatively, you could also choose ‘Authentication App’. This means you’ll have to install a third-party app (such as Google’s Authenticator) but trust me, it is 100% worth it.
I still, to this day, get an influx of SMSs every now and then when someone attempts to guess my password.
Without the code (which is sent to a private cellphone number not listed in the public domain or on any of my profiles) they won’t be able to access my account.
Be conscious of what you do online.
This includes creating secure passwords and steering clear of ‘Password’, your name or birthday, or any easy sequence, such as 123456.
If you receive DMs [direct messages] it goes without saying that you should not click on any links, especially if the URL has been hidden by a shortener (for example https://bit.ly/3d932).
Twitter also warns against giving your username and password to third parties, your followers, even your family and friends.
When it comes to passwords, trust no one.
How to tell if your Twitter account has been hacked?
There are several tell-tale signs left behind by hackers, such as tweets (often inappropriate) appearing on your timeline.
If you didn’t write it yourself, it’s best to investigate immediately.
First, scroll through your timeline and assess the damage, then head over to your DMs [direct messages].
Hackers will often send mass messages from hacked accounts to promote a scam, a phishing link or some other nefarious activity.
Also, take note of your Followers list: See any new additions there?
Many hackers resort to mass following (or unfollowing) once they gain access to an account.
Check your email, too. Twitter will usually send a notification when there’s a login attempt from a new location or a device not previously used by you.
You’ve been hacked for sure. Now what?
Keep calm and check your settings
The first bit of advice I can give (as someone who has been down this path myself) is do not, under any circumstances, panic.
Once you have your nerves under control, change your Twitter password immediately.
While doing this, also check your settings and make sure your login email wasn’t changed.
When hackers took control of my PSN (PlayStation Network) account some years ago, they changed the login mail.
I noticed it immediately and had to contact customer support to prove the account belongs to me.
A good thing I acted swiftly — I had a local credit card and international payment facility linked to my PSN account.
Next, on to third-party app inspection.
Go to your Privacy Settings, then Data and Permissions, and select Apps and Settings. See any apps you don’t recognise?
Revoke access to those third-party apps immediately. While you are there, do a proper clean-up and remove any app logins you no longer use.
Just in case…
Active login sessions
You’ll be able to see if the hackers still have access to your account by going to Sessions. This section will show you the device, location and last time used.
Remove any devices or locations you don’t recognise. Or better yet, just log out of all active sessions.
If the hackers are still logged in, they will now be prompted to re-enter (your new) password.
Last resort: Contact Twitter
And if you cannot gain access to your Twitter account at all, you’ll need to reach out to Twitter directly.
Finally, the dreaded PSA:
If you’re a public figure, consider sharing a PSA such as this:
When Buffalo Wild Wings was hacked back in 2018, they kept it casual:
“Well, we were hacked. And it wasn’t funny. We apologise for the awful posts, which obviously did not come from us”.