Skip to main content

Compromised official URLs

Updated over 2 months ago

Are compromised official URLs subject to takedown?

Axur does not perform takedowns of hacked accounts or compromised official URLs, as these URLs belong to legitimate brand environments that have been improperly accessed by third parties. In this context, the notification and removal of these accounts can have negative impacts, such as the deactivation of other official brand URLs or even damage to Axur's relationship with the entities responsible for these platforms. In addition, our work is primarily focused on combating internet fraud, ensuring that removal actions are directed at content that is proven to be malicious and created with the intent to deceive or harm users.

What can be recommended in these cases?

As previously explained, we do not take down any official URLs, whether they are hacked profiles or official accounts of the client/employee that are no longer in use. For this reason, in order to assist you in this process, below is a step-by-step guide of recommended actions to restore user access to the profile/website.

Instagram

Using a mobile device

You must follow these steps:

  1. Log in to Instagram and enter your username. If the offender has changed it, enter the new one.

  2. Click on the Get Help option to log in.

  3. Enter your username, email, or phone number and check: I need more help

  4. Then click I can't access this email or phone number.

  5. A list of options will appear. Select My account has been hacked and click Next.

  6. On the next screen, select the option Yes, I have a photo of myself in my account and press continue.

  7. Enter any contact email address you have access to.

  8. You will receive a confirmation code at the email address you entered in the previous step. Enter the code you received and press confirm.

  9. Press Next to start recording a short video.

  10. Finally, follow the instructions to complete the video.

If you encounter any problems after completion, please try again. If you started with a username, try starting with your phone number or email address.

Final recommendations:

Install the latest version of Instagram and try again. After recovering your account, use an authentication app (e.g., Google Authenticator, Microsoft). Do not use SMS messages or set your cell phone as a recovery method, as these are easily hacked by fraudsters.

Facebook

For Facebook, the process must be done via a browser (Chrome, Safari, Edge, etc.).

Follow the step-by-step instructions below:

  1. If you are still logged into your account, go to settings and security and change your password + add two-factor authentication, which can be done via phone number, email, or authentication app.

  2. If you lose access to your account, go to the Facebook Recovery Page: In your browser, go to facebook.com/hacked. This will take you to the recovery page.

  3. Report that your account has been compromised: Select the option "My account has been compromised" and enter your email address or phone number associated with your Facebook account.

  4. Identity Verification: Follow the instructions on the screen to confirm your identity. This may include answering security questions or identifying friends in photos.

  5. Reset Your Password: After verification, you will be asked to create a new password. Choose a strong, unique password.

  6. Review and Clear Active Sessions: Once you have regained access, review your active sessions and log out of any that look suspicious.

  7. Update Security Settings: Enable additional security features, such as two-factor authentication.

Twitter/X

For suspended official accounts, we recommend following this flow recommended by the platform:

  1. Check the Reason for Suspension - The platform usually sends an email stating the reason for suspension. It is important to review this communication to understand the reason: violation of rules, suspicious activity, spam, abusive behaviour, etc.

  2. Fill Out the Appeal Form - The main way to contest the suspension is through this official form:
    https://help.twitter.com/forms/general?subtopic=suspended
    Information that must be included:
    Full name
    Username of the suspended account (@username)
    Email address linked to the account
    Brief and objective explanation claiming the mistake or requesting review

  3. Use Corporate Channels (if applicable)
    If the executive is a public figure, verified, or represents a company with a significant presence on the platform, there are additional strategies:
    Contact via an agency or advisor with access to X for Business: agencies with a relationship with X can refer the case directly to the platform's support team. LinkedIn/public contacts at X (formerly Twitter): In urgent or high-impact cases, public profiles of X employees (such as public policy leads or support in Latin America) can be contacted with caution.

  4. Avoid Creating Parallel Accounts
    Creating new accounts during suspension may be considered a violation of policies and further complicate reversal.

  5. Monitor Your Email and Spam Folder
    The response to the appeal is usually sent by email. It is important to closely monitor updates.

Example of a brief justification (in the case of a direct appeal):

"The account was recently suspended, and so far, we have not been able to identify any conduct that violates the platform's rules. We kindly request that the case be reviewed for possible reactivation of the account."

YouTube

  1. Check if you can still access your Google account
    YouTube is linked to your Google account, so try logging in to Google Account Recovery. If you can access it, change your password immediately.
    Enable two-step verification for added security.

  2. Use YouTube Help Center
    If you can't recover your account through Google, go to:
    YouTube Account Recovery

  3. Fill out the YouTube Recovery Form
    If your channel has been hacked and altered, you can fill out a specific form so that YouTube support can review your case:
    Form for Hacked Accounts
    Select "Contact Us" and choose the option related to account security.

  4. Check Your Email
    If the hacker has changed your information, Google may have sent you an email informing you of changes to your account. Check your inbox and follow the instructions.

  5. Contact YouTube Support on Twitter
    YouTube has official support on Twitter to help with compromised accounts:
    @TeamYouTube

Websites

This scenario is different from the others, as there is no "wild card" entity to contact to regain access to the site.

  1. Check which entities this domain is linked to
    If the company's IT department does not have this information, a Whois search can be performed to indicate the main entities related to the domain.
    We recommend searching through CentralOps.

  2. Contact the related entities
    Now that you have the entity to contact, you should look for their contact channels. Usually, their policies and/or terms of use indicate the appropriate contacts for each type of situation, and you can approach them to recover access.

If you have any questions, just reach out to us at [email protected]! 😊


Related Articles
Fake Mobile App
Indicators of Compromise (IoCs)
What is Takedown?
Email configuration for Takedown
Takedown of a WhatsApp Account: Procedures and Challenges
Did this answer your question?