Hello everyone, dear readers of the AFlife.ru blog! VKontakte is one of the most popular and visited resources in Russia and the CIS. Every year the number of VK users only increases, and along with them the number of attackers who trade in hacking the pages of ordinary people is growing. In this regard, fans of the social network have natural questions: what to do if a VKontakte page is hacked, how to fix it and avoid negative consequences. In this article we will give comprehensive answers to them.
What needs to be done as quickly as possible?
Typically, a VKontakte page is hacked not in order to get to personal information, but simply to send mass unsolicited advertising (spam), as if you were sending it yourself, or to ask your friends on your behalf to lend money (for example, transfer to card). Therefore, if your page has been hacked and you do not have access to it, you should immediately:
- In any way, warn friends and acquaintances that the page has been hacked.
- Restore access to it (immediately think about where you have the phone number linked to the page - if it’s not there, then there are two options).
Do not register a new page for the same number! You will not be able to restore access to the old one that was hacked (or it will be difficult).
What to do if a VKontakte page was hacked and the data was changed?
In this case, do not worry, because all this can be changed back. In addition, frequent changes to data are controlled by the VKontakte administration and therefore, after entering information, it remains under moderation for some time.
Be sure to go to the “Edit” and look there to see if anything has been changed, and correct it if something has already changed. All that remains is to save the information and that’s all.
Edit
As a rule, pages with complex passwords are rarely hacked, so if you find yourself in a similar situation, then think about creating a very complex password. In addition, today VKontakte allows you to write in Russian letters. You can mix them with English ones, add numbers and capital letters.
If the page is still accessible
Someone found out the password and is sitting on your page, but you can still access it (you have access), or logins occur from third-party devices, from other cities or countries. Do the following (preferably from a computer, not through a mobile application):
- Go to your security settings and click End all sessions - it will say “All sessions except the current one have ended.”
- Change your VKontakte password as quickly as possible.
- If the page is not linked to your current phone number, then link it: How to change the linked phone number on VKontakte. Having a phone number linked to the page, you can always restore access via SMS. For greater security, it makes sense to enable login confirmation via SMS, but in this case the page must also be linked to an email.
Change your email password and scan your devices for viruses
Often, hacking of social media accounts is preceded by the theft of an email account password. Moreover, this may remain invisible to the user for a long time. Having gained access to the mailbox linked to your VK account, the hacker can easily take over your page. Therefore, the third mandatory step is changing your email password.
Next, turn off the Internet and scan all devices from which you accessed VKontakte for malware infection. Trojans that steal passwords are a very common phenomenon. In addition, using the capabilities of malware, attackers can log into your VK account from your own computer.
If the page is no longer accessible
Next, we’ll figure out what to do if you can no longer log into the hacked page (the hacker changed your password or phone number).
If you have another VKontakte page, log into it and warn your friends from there that your other page has been hacked. Write on your wall or send them private messages so that they don’t fall for scammers. On your behalf, attackers can ask them to transfer money to a card, put it on a mobile phone, and the like.
Maybe right now the attacker is chatting with your friends, and they think it’s you:
If there is a group that your friends are in, make an announcement about what happened there. And if you can’t get into VK anymore, ask one of your friends or relatives to warn others that your page has been hacked. It is important. Otherwise, scammers may have time to deceive them. And you need to get the page to be temporarily blocked - this is done through the “Complain” function. The administration will freeze your page so that scammers cannot continue their activities, and then you will restore access.
So, tell your friends something like the following, either yourself or through someone (you can copy it from here):
Friends! My page was hacked. Until I restore access, attackers can write to you on my behalf and ask for money. Don't fall for these tricks. Once you receive a message with such a request, click on it and the “This is spam” button, and then go to my hacked page and file a complaint through the “Complain” function. Instructions: https://vhod.ru/vkontakte/kak/pozhalovatsya/ Thank you!
Also ask someone with whom you have many mutual friends to post a warning on their wall that your page has been hacked.
Our friend's page has been hacked! Until he restores access, attackers can write to you on his behalf and ask for money. Don't fall for these tricks. Having received a message with such a request, click on it and the “This is spam” button, and then go to the hacked page and file a complaint through the “Complain” function. Instructions: https://vhod.ru/vkontakte/kak/pozhalovatsya/ Thank you!
If you have another VK page, use it to also report the page that was hacked.
When a VKontakte page has been hacked, you need to restore access to it as quickly as possible and change the password so that scammers can no longer use your page. If they send spam (unwanted advertising) on your behalf, then the page may be blocked for quite a long time, until a certain date, and before this time you will not restore it.
Remove other people's content and save yours
The second step is to check whether any extraneous content has appeared on your page that could directly or indirectly cause harm to you or your visitors. For example, applications and games – malware can be disguised as them. Also view the list of groups, friends, photo and music albums. Don’t be surprised: if a burglar wanted to harm you, he could place prohibited or compromising materials on you, so that later he could “bring you under the monastery.”
Check your personal correspondence. It is often used to send spam, requests for help with money or to take some action (vote, like, etc.).
Remove your content from the page, which could be used to harm you. After all, after changing your password, the hacker may remain in your account for some time.
How to restore access to a hacked page?
We have instructions on what exactly needs to be done: How to restore access. The easiest way to do this is if your page was linked to a phone number and this number is now with you.
If the linked number is no longer there, then you have only two options - How to restore access to VK if the number is no longer there.
For the future, we advise you to find out how to increase your security on VKontakte so that this does not happen again: VKontakte Security.
We also always recommend logging into VK through the secure start page Vhod.ru - this is your reliable friend and assistant:
What to do if the page was hacked and photos were deleted?
First, restore access, as written here on this page above (rewind and read). There is no guarantee that the photo can be restored. But you can try. We have good instructions that describe all recovery methods: How to recover a deleted VKontakte photo.
What to do if the page was hacked and the first and last name was changed?
When restoring access via SMS, you need to enter the last name that is currently on the page, and not the one that was.
After you restore access, you can change your first and last name; there is a standard function for this. Here are the instructions: How to change your first and last name on VKontakte.
If the first and last name does not change after hacking, see the options for solving the problem here: What to do if the first and last name does not change on VKontakte, the application is rejected?
Clear signs
Most likely, your acquaintances and friends will be the first to tell you about inappropriate behavior on VK. If mass spam mailings have begun, new messages are visible, but they have been read, it’s time to sound the alarm. These are all clear signs of a hack and the hacker attack has begun. Pay special attention to a few points.
Your friends are receiving strange messages from you that you did not send.
Strange messages that come from your name to friends that you definitely did not send - this is the first call. For example, these could be messages like: “Hey, go to such and such a site, there’s really cool information there.” Such hacker attacks are dangerous primarily because if a friend follows the specified link, trusting, as he thinks, in you, the virus will hack his page as well. And after that he will start sending spam from his account. And there will be not one, but two victims of a hacker attack on the network, and then in a chain reaction.
Suspicious activity detected
Of course, the activity may not be so pronounced; experienced hackers use different methods. Pay attention to whether strange communities have been added to your group list, and whether new friends have appeared. On the wall of your personal profile, “handwritten” reposts that you did not make will also be completely unexpected for you.
However, such posts may also appear on the virtual walls of others, allegedly posted by you, or captions to photographs. All this speaks about the consequences of hacking the page, and that the hacker is sending this information from you and is actively managing your personal territory.
How did I get hacked? Why?
If you were hacked, it means someone found out your username and password. It is impossible to hack the VKontakte website. Passwords are not even stored on VKontakte servers. Only certain numbers are stored there, the results of calculations, by which you can check whether the password is correct or not. But it is impossible to find out what he was like from them.
“Hacking” always means that you screwed up your password. Most often, this is a virus (which you may not even suspect) or your carelessness - someone found out the code that came to your phone and used it to reset the password, thus taking over your page. Read more here: How was I hacked? Why? The concept of "hacking".
Therefore, take the security of your page more seriously - it depends only on you whether it will be hacked or not. All security recommendations are collected here: VKontakte Security.
Why do scammers need VKontakte pages?
Pages stolen by the methods listed above are usually used to send spam and gain likes, friends and subscribers in various groups. Sometimes scammers send messages with phishing links or even requests to transfer a certain amount of money to an e-wallet or mobile phone to a list of friends with whom the “victim” has saved conversations. Unfortunately, in most cases, some of the friends also become victims of deception as a result, and lose their pages and sometimes even money. Understanding this will make you think again about improving the security of your page.
The activity history shows the time of visit at which you definitely did not visit the social network.
The most error-free way to check for hacking is to look at the activity history in your profile settings. Of course, it only works if you have access to the page. On the “Security” tab, open your activity history and see from which devices, cities, and IP addresses you logged into your account.
Found at least one suspicious activity? – change your password. Afterwards you will figure out who used your page and what he did there.
Interview with OK.ru website support service
Me: “Good afternoon. Please give you recommendations on how to behave for admins whose group has been captured by scammers. Also, please advise what group moderators should do?
In simple words: What to do if a group is stolen? Where to knock, who to write to, what scans, documents, etc. are needed?
Support agent VICTORIA: “Alas, in such situations we cannot return group administration rights.
The thing is that according to the rules of our site, each user must take care of the security of their data and profile. For example, make sure that the password is not saved in the browser, especially if someone else is using the computer.
We, the Site Administration, are not responsible for the actions or inactions of users that led to the loss of a profile or group. We cannot be held responsible for the unlawful actions of attackers, so we will not compensate for any damage they cause.
If such an unpleasant situation occurs to you, then you can contact the law enforcement authorities at your place of residence and report the fact of loss of intellectual or material property. As soon as we receive an official request, we will definitely try to help.”
Me: “That is. "The official recommendation for admins of groups that have been hacked is that they need to 'Contact the police,' and they will formalize and send a request to you?"
Support agent VICTORIA: “According to the License Agreement on the site:
8.7. The Licensor is not responsible for possible failures and interruptions in the operation of the Social Network and the loss of information caused by them. The Licensor is not responsible for any damage to the Licensee's computer, mobile devices, or any other equipment or software caused by or associated with the use of the Site or sites accessible through hyperlinks posted on the Site.
8.8. The Licensor is not responsible for the selection of the access password to the Licensee's Account by third parties and any actions performed by them using the Licensee's Account.
8.9. The Licensor is not liable for any damage, including lost profits, or harm caused in connection with the use of the Social Network, Content posted on it or other materials to which the Licensee or other persons gained access through the Social Network, even if the Licensor warned or indicated the possibility of causing such damage or harm.”
Me: “I understand what the user should do. But what measures does the Odnoklassniki website take to protect personal data? Are there closed tests for burglary resistance, for example?”
Support agent VICTORIA: “Every day we try to make our Odnoklassniki more modern, more convenient and safer for our millions of users. We send all suggestions and comments about the functionality of the site and the operation of our services to specialists so that your opinion is taken into account in their work.”
Me: “What is the technical difference between the cases:
a) Citizen Ivanov contacted the classmate support service with a complaint that his group had been hacked and deprived of admin rights.
b) The police, following a statement from citizen Ivanov, contacted Odnoklassniki with a request to reinstate him as a group administrator.
As far as I understand, there is no difference. But in the first case, you deny the person, and in the second, you return access. So why unnecessary bureaucracy? The police already have enough work to do. Nowadays, even issues of road accidents in some cases can be resolved without calling the police. Why don’t Odnoklassniki take an example from other social networks and resolve the issue without involving the police (or involve only in particularly difficult cases). Have your classmates thought about this?
Support agent VICTORIA: “For a number of categories of crimes, only a personal appeal from a citizen is provided. On our part, if there is an official request from law enforcement agencies, we will provide the necessary assistance.”
