High riskSocial Media Scams

Account Ransom Scam

In this scam, an attacker takes over your social media account, locks you out by changing the details, and demands payment, often in crypto or gift cards, to return access, which they rarely honour.

Quick verdict

Risk level

High risk

Scam type

Account takeover + extortion

Main red flag

You are locked out and someone demands payment to return your account.

What to do first

Do not pay. Use the platform's official account-recovery process immediately.

What this scam usually looks like

In this scam, an attacker takes over your social media account, locks you out by changing the details, and demands payment, often in crypto or gift cards, to return access, which they rarely honour.

Example message pattern

Example pattern — not a real report

Example pattern: 'I have your account. Pay $300 in crypto within 24 hours and I'll give it back, or I'll delete it and message all your followers.'

This is a fictional, anonymised example used to illustrate the pattern. It is not a verified real message, and any names are used only to show how the scam typically reads.

Red flags to watch for

Sudden lockout after a phishing link or shared code
A demand for payment to return your account
Threats to delete the account or message your followers
Payment requested in crypto or gift cards
Changed recovery email or phone on your account

What to do

Use the platform's official account-recovery tools right away
Do not pay; paying rarely returns the account
Secure your email, which is key to recovery
Warn your followers that the account is compromised

If you already clicked or replied

Reset your password through official recovery and revoke unknown sessions
Secure your email and enable two-factor authentication everywhere
Report the takeover to the platform
Keep evidence and report extortion to authorities

What not to do

Do not pay the ransom
Do not negotiate with the attacker
Do not reuse the compromised password elsewhere

Similar scams

Medium risk Social Media

Account Recovery Service Scam

When someone loses access to a hacked Instagram, Facebook or other social account, scammers often appear in comments or direct messages claiming to be a recovery expert or ethical hacker who can restore the account fast. They ask for an upfront payment, usually by gift card, bank transfer or cryptocurrency, then either vanish or string victims along with excuses. Real platforms recover accounts through their own official help pages and do not charge a private fee.

High risk Social Media

Hacked Friend Help Scam

A message arrives from a friend's account asking for money, a verification code, or to click a link. In reality the friend's account has been taken over, and the scammer is using your trust in them to reach you.

High risk Social Media

Facebook Account Recovery Scam

This scam uses a hacked friend's account to ask you to be a 'recovery contact' or share a code, which actually hands your own account to the scammer.

Frequently asked questions

Should I pay to get my account back?

No. Paying rarely returns the account and marks you as a target. Use the platform's official recovery process instead.

How did they take over my account?

Often through a phishing link or a shared verification code, sometimes after a fake login page captured your password.

How do I recover my account?

Use the platform's official 'forgot password' and account-recovery tools, secure your email, and enable two-factor authentication once back in.

What if they message my followers?

Warn contacts through another channel that your account is compromised, and report the account and extortion to the platform and authorities.

Last reviewed: June 2026

Disclaimer: This page provides educational information only to help you recognise common scam patterns. It is not legal, financial, cybersecurity, or law enforcement advice, and it does not confirm whether any specific message, company, or person is genuine or fraudulent. When in doubt, contact the official organisation directly and report concerns to your local authorities.