What to do if Telegram is hacked: instructions on how to save your account

According to polls, Telegram, despite its Russian origin, remains one of the most popular messengers and sources of information for Ukrainians. That's why it's so important to know how to protect it from intruders.

But what should you do if your account has already been hacked? OBOZ.UA figured out how to regain access to Telegram. As well as how to protect it from attacks.

How to understand that your Telegram is being used by scammers

For online fraudsters, a regular Telegram account is of considerable interest. By hacking it, they can scam money or gain access to confidential information. Here's what happens to an account that has been hacked:

• you can't log in to it;
• your friends have started receiving messages with suspicious links or calls;
• you start receiving login notifications from unknown devices;
• your privacy settings start changing as if by magic.

How attackers can gain access to your Telegram

There are several main ways to gain unauthorized access to your account. Here's what they look like:

phishing – in a message, you are sent a suspicious link to an unverified page, and may be asked to send a verification code, which will then be used for hacking;

fake pages – they imitate the Telegram interface well, but actually collect data needed to hack it;

requests for help in a contest or fundraiser – this is also a type of phishing that is accompanied by a personal message asking you to vote in a contest (for example, to support a child in a drawing competition) or help with a fundraiser. Such messages are sent from already hacked accounts. Attackers may also ask for a loan.

How to restore access to Telegram

If you still have access to your account, open it in the desktop or mobile version and go to the Settings section. You can find it in the upper left corner of the messenger window by clicking the icon with three horizontal lines.

In this menu, select the "Privacy and security" option, and then the "Show all sessions" option. Here you can see a list of all the gadgets used to log in to your Telegram account. If you see anything suspicious in the list, click the "End all other sessions" button. All devices except the active one will lose access to your account.

Immediately change your password to as complex as possible and enable two-step authentication when logging in. To do this, open Settings again, go to the Privacy & Security tab, select Two-Step Verification, and set a secret password.

Report to the support team that your account has been hacked. To do this, in the "Settings" menu, select "Ask a question" – "Request". You should be connected to the support team. Don't forget to also notify your contacts about the hack.

If you have lost access to your device and cannot change the Telegram settings, you will have to act differently. Block the SIM card to which the account is linked, and then restore your phone number on a new SIM card.

How to protect your Telegram from hacking

To reduce the risk of hacking, you should take all possible measures to protect your Telegram account. The first one is to set a really strong password. It should contain uppercase and lowercase letters, numbers, and allowed symbols.

Be sure to enable two-factor authentication and check your active sessions for suspicious ones from time to time. Terminate any that you have doubts about.

Don't click on links that raise the slightest suspicion.

Restrict access to personal information in your privacy settings – hide your phone number, hide your profile photo, recent activity, date of birth, and other information from unfamiliar contacts. Limit the ability to send messages from you and make voice calls.

How to repair a hacked Telegram

If the measures described above don't help, you'll have to take more drastic steps. Here's what you can do to restore access to your Telegram account.

Try restoring access using your phone number. If the attackers have only created a parallel session of your account, it will remain linked to it. That means you will continue to receive recovery codes to it. Therefore, always make sure that the phone number to which your account is linked is active.

The sooner you end all inactive sessions, the less damage attackers can do. Do this at the slightest suspicion.

Log out of your account and log in again. But make sure you remember your two-factor authentication password well. This step will help to terminate the fraudulent session and you will be able to regain access to your account.

Change your two-factor authentication password. If your SIM card is cloned or intercepted, you may not receive a verification code on your phone. In such a situation, keep trying to log in to your account, and as soon as you are able to do so, delete all unnecessary sessions and change your passwords immediately.

If other methods do not work, delete the account. In this case, the attackers will lose access to it. However, you will also have to create a new one. This step leads to the loss of all chats and contacts. That is why experts advise to make regular backups of important data.

Subscribe to the OBOZ.UA channels in Telegram and Viber to keep up with the latest events.