2 min read
04 Mar


Forgive me, Google, for it has been three months since my last blog. (And if I’m truthful, I didn’t write that either. It’s good though, I wouldn’t post it if it weren’t.) Life has well and truly crowbarred its way into the time I usually set aside for keeping the content on my site fresh. 

An increasingly turbulent trusteeship that has now ended, a family bereavement, yet more parental illness, half marathon training and then a few weeks ago my personal Instagram account was hacked and I go locked out of it for good. I’m very grateful that it was a personal account and not connected to my business. 

How I got reeled in   

I’m careful, considered and understand what to look out for with phishing. Especially with my business accounts. A few months ago, a business page that I follow from my personal Insta was hacked and I recall their desperate warnings not to engage with their old account. So, I didn’t. Until I did, months later… 

I received a convincing sounding message from their page (I assumed a new one) to vote for them to be chosen as a brand ambassador. Usual time they’d message etc. I only went and bloody followed the instructions, didn’t I? Without calling them. Mistake number one. 

How I got shut out 

Error number two was that my personal social media accounts were the only ones that I’d not set up 2FA for. Of course, that’s the first thing the hackers enabled. Allowing them to hijack my account to post crypto crap (which all my followers immediately recognised as not me.) 

Their more nefarious intention was to run rampant through my contacts and try to hijack their accounts in the same way. I tried to get out in front of it immediately I saw the suspicious logins to my account. But it was too late for at least one of my friends. Several other friends and colleagues had close calls. 

What I did next 

I tried contacting Meta for recovery but with no joy. I also had several recommendations for companies who could help, but I wasn’t about to surrender my account details to anyone else, however good their intentions may be. It was a pain to lose the content I’d created about my life, but I’ve still lived it! 

So quite quickly I stopped trying to recover the lost and took the opportunity to secure the rest. I went through every personal and corporate online account I had and changed the password to a unique and really strong one. Put 2FA on the lot. Really thought about whether I needed those accounts now – they’re all routes in.

Leaner and cleaner 

I’m now longer on Twitter. Deleted both accounts, haven’t missed either. Ditto to business pages for Facebook and Instagram. They were dormant anyway. I’ve gone full on Kondo on my online life. Should to that more often, it was messy… 

And my new Instagram account is now dedicated mainly to my running interest with the odd smattering of cat. I’ve made it a private page and so there are far less followers now but they’re real people and businesses that I’ve picked as relevant. 

Spare a thought over the next few months as I almost always fail on my first attempt to login to any online account. Because all my passwords are longer and different. Could have done without that at my age! But it reinforces the lesson.

 © Jo Gordon Consulting Ltd 2023

* The email will not be published on the website.