Social Media Accounts And Hacker Attacks - Tips For Prevention

Social Media Accounts And Hacker Attacks – Tips For Prevention

Social media accounts and hacker attacks are two terms which are associated together, even if you don’t like to hear or read it. If you consider that, according to, the social media portal Instagram has 26,910,000 users from Germany in June 2021, then you can well imagine the attack surface offered to hackers worldwide. Here are some tips to help you protect your social media accounts from such attacks.

Delete all accounts if you don’t want to use them anymore

Hacking social media accounts that have not been active for a long time is what hackers prefer when it comes to account hijacking. In German, it means account hijacking and that ends up in successful hacker attacks in accounts that can no longer be used by the actual account owner. When performing account hijacking, users’ log-in details are stolen, used and possibly changed in order to log into the stolen account. All of this goes unnoticed for a long time if the accounts have been inactive for a long time, if it is noticed at all. In this sense, what is not there cannot be stolen.

Pay attention to the content of your photos & the messages you post

Do you work for a big company? Are you actively involved in politics or are you an employee of a small company? It doesn’t matter who or what you work for, because paying attention to what photos, messages or comments you post is something you should do either way. Wondering why? There is what is known as spear phishing. This usually involves the targeted collection of information about a person from a company in order to be able to use the sum of information against that person. Spear phishing aims to build and maintain trust between victim and attacker until the attacker has gathered enough information to do targeted damage. Thus, an attacker can start spear phishing with a comment like “Hey that looks like a great Christmas party” without you suspecting anything bad.

Use the support of companies in social media correctly

It’s not that hard, is it? Well, not really, but sometimes it is. More and more companies are offering customer service on social media channels. That’s nice and beneficial for customers and business owners, however, it’s also dangerous if mindfulness falls into the hinterlands in the process. Let’s say you make a public request for support from a company on social media channels like Facebook;

  1. One…Two…Three…bang, you get the answer via DM,
  2. you check the name – looks right.
  3. you check the content of the DM – nice answer, with link to help – looks good.
  4. open link… request to log in with your Facebook data… done…
  5. account GONE!

You no longer have access to your account because you gave your data to a hacker without any idea about an attack. In this case, you would be a victim of an angel phisher. Angel phishers aim to respond faster than the contacted company and thus get your data. To avoid such a situation, you should be sure that the message comes from the company, if you are not sure, you should contact the company in another way and ask!

Use your own strong passwords & multi-factor authentication

Cracking passwords is very easy for hackers especially when your password is “password”. If you now use the password “password” on all your accounts as well, all the fun becomes even easier for hackers. This is not what we want. So make sure you create your own and secure passwords, but because we know that a password alone can’t ensure much protection for our data as well as social media accounts, you should include the use of multi-factor authentication (MFA). You can read more about MFA here.

Contact requests & setting the preferences

Contact requests sent to you should be checked for a certain level of authenticity and trust before confirmation. The user picture shows you the picture of your known friend, but the name is completely wrong and not associable with your friend, then it is rather a case to “reject request”. The same is true for bots, which are obviously widespread on Instagram, for example. Moreover, you have the option to customize your social media account settings. For example, you can set them so that only your friends can see your published posts.


It is hard to imagine today’s world without social media accounts and, accordingly, they should not be neglected when it comes to security. A high level of attention and a certain sensitivity towards security should be applied and maintained when using the Internet anyway. If you implement the above tips, you will be a bit more on the safe side.

Table of Content

PCI Security Standards Council

PCI Security Standards Council

Subscribe to our newsletter and get all the latest news as a PayPodo insider!

Would you like to receive all the latest news from PayPodo? Then you’ve come to the right place! Register today and don’t miss anything anymore!

PayPodo operates under CustomHash AG, a company registered in Germany with Legal Entity Identifier 391200VTCFSYUNN7YA32 and with offices at Oberwallstraße 6/4, 10117 Berlin, Germany. CustomHash AG (Certificate) is an authorized Electronic Money Institution intermediary of Verified Payments UAB (Licence No. 27), which is a licensed Electronic Money Institution supervised by Bank of Lithuania under the Electronic Money Regulations.