In the last year, social media account hijackings increased by 1,000%. Report.
In the last year, social media account hijackings increased by 1,000%. Report.
In a survey of consumers, the Identity Theft Resource Center found that 85% had their Instagram accounts compromised, while 25% had their Facebook account hijacked
Identity Theft Resource Center 

The Identity Theft Resource Center says that hijacking of social media accounts has reached epidemic proportions.

The non-profit which provides assistance to the victims of identity theft revealed in its 2022 Consumer Impact Report that social media takeovers have increased 1,000%.

A survey of consumers by the ITRC found that 85% of them had their accounts compromised.

70% of the victims of account hijacking were permanently locked out of their social media accounts and 70% had friends contacted by the hackers that compromised their account, according to a report.

It may be easy to dismiss this type of identity crime as a nuisance, but it can have a profound financial and emotional impact on people.

account hijacking 

27% of account hijacking victims lost sales revenue when they lost control of their social media.

Vulcan Cyber 

Mike Parkin, senior technical engineer at Vulcan Cyber in Tel Aviv, Israel said, "For some people, where social media is a communication platform for family and friends, losing access can range from annoyance to heartbreaking."


He told TechNewsWorld that if someone lost their account, it could mean a big hit to their income.

Abusing trust.

phishing attack Netenrich 

John Bambenek, a principal threat hunter at Netenrich, an IT and digital security operations firm based in San Jose, Calif., said that having a trusted channel of communication is one of the biggest assets for any kind of phish attack.

phishing email 

He told TechNewsWorld that he doesn't bank at Citibank, so he can ignore the email. If you use a social media account to attack your victim's contacts, they are already preconditioned to accept your message.


Paul Bischoff, a privacy advocate at Comparitech, said that people tend to trust people they know on social media.

He told TechNewsWorld that if he got a message from his mother, he would trust it. If someone takes over her social media account, it would be easy for them to trick me into sending them money, my Social Security number, or my account password.

account takeovers 

He said that by abusing this sort of trusted relationship,account takeovers can spread and be difficult for victims to detect.

Popularity breeds hackers

Picnic Corporation 

Matt Polak, CEO and founder of the Picnic Corporation, a social engineering protection company in Washington, D.C., said that account owners aren't the only victims of account hijacking.

Social media account takeover can be harmful to the person whose identity is being impersonated, as well as to those who are targeted by the criminal using the account.


Roger Grimes, a data-driven defense Evangelist with KnowBe4 in Clearwater, maintained that social media has made it a target of web predators. He told TechNewsWorld that whatever becomes popular becomes hacked. It has been true since the beginning of computers.

It is crucial that we create a personal and organizational culture of healthy skepticism, where everyone is taught how to recognize the signs of a social engineering attack no matter how it arrives. He said no matter who it appears to be sent by.

It's necessary for robust Authentication.


Matt Chiodi, chief trust officer at Cerby, maker of a platform to manage Shadow IT, said that some of the blame for account hijacking can be pinned on social media operators.

He told TechNewsWorld that none of the prominent social media platforms offer robust authentication options. This is not acceptable for tools used by consumers and enterprises.

He said that these applications do not support security standards such as single sign-on or automated user creation and removal. The bread and butter of crown jewel applications is the two standards. Criminals go after social accounts because none of them are supported.

The decline in repeat victims of identity theft was reported by the ITRC. 26% of victims said they had been a victim before, compared to 29% in 2021.


Carmit Yadin, founder and CEO of DeviceTotal, maker of a risk management platform for un-agentable devices, said that awareness may be one reason for the decline.

She told TechNewsWorld that when someone gets hacked, he takes it seriously. He will know what not to do next.

She said that he may have heard about the attacks but wasn't aware of their consequences.

Is it harder to find targets?


Angel Grant, vice president for security at F5 in Seattle, offered a possible reason for the decline. He told TechNewsWorld that victims of identity theft feel shame and embarrassment. They don't report when they are impacted because of that.


The decline may be a sign that identity thieves are finding it harder to find easy targets and get new ones, according to Ray Steen, the chief security officer of MainSpring, a provider of IT managed services.

security practices 

He told TechNewsWorld that after falling prey to an identity attack, victims clean up their digital footprint and adopt better security practices.

He said that a 3% decrease in victims is not as encouraging as it may first appear. I would hope for bigger improvements.

Cyber actors take at least one step forward for every step their victims take towards better security, and they are constantly developing new methods of attack.

What's your reaction?


0 comment

Write the first comment for this!

Facebook Conversations

Disqus Conversations