X (formerly Twitter) hacks tend to hit fast.
One minute you’re scrolling like normal. The next, your account is posting crypto promotions, sending spam DMs, or following hundreds of random accounts you’ve never heard of. Sometimes you don’t even notice until a friend asks why you’re suddenly “giving away” gift cards.
If you use X for work, your personal brand, or your business, a takeover can do real damage quickly. And in many cases, the hacker isn’t just trying to cause chaos, they’re trying to use your account to scam your followers while you still look trustworthy.
This guide walks you through exactly what to do if your X account has been hacked: how to spot the warning signs, how to regain access, and what to change immediately so it doesn’t happen again.
If you’re still locked out after trying these steps, X also offers an official support form for hacked or compromised accounts.
Signs Your X Account May Be Compromised
X account takeovers don’t always start with a full lockout. Often, the first signs are strange activity you didn’t authorize.
Watch for these red flags:
Unexpected posts: Tweets you didn’t write, especially spam, crypto links, or promotions.
Unusual DMs: Messages sent from your account that you don’t remember sending.
Account behavior changes: Random follows, unfollows, blocks, or profile changes you didn’t approve.
Security notifications: Alerts from X that your account may be compromised.
Account info changed: Notifications that your email, phone number, or password was updated without your permission.
Password suddenly stops working: You’re prompted to reset your password even though you didn’t request it.
If any of these are happening, assume your account is compromised and start recovery steps immediately.
What to Change Immediately If Your X Account Was Hacked
If your X account was hacked, assume your login details may have been stolen.
That means simply getting back into your account isn’t enough, you also need to update the passwords and settings attackers could still use.
Here’s what to change right away:
- Change your X password
- Change the password for the email account connected to X
- Turn on two-factor authentication (2FA)
- Confirm your email address and phone number are correct
- Revoke access for any suspicious third-party apps
- Review X Pro / Teams access (if you use it) and remove unfamiliar users
- Update any other accounts that share the same password
- Delete unauthorized posts and DMs (once you regain control)
If you suspect the hack started through malware or phishing, it’s also smart to update passwords for other sensitive accounts tied to your identity, like banking apps, payment apps, or your Apple/Google account.
Using a password manager like McAfee’s can help you create strong, unique passwords for every account, and store them securely in one place.
Step-by-Step: How to Recover a Hacked X Account
X offers different recovery options depending on whether you can still log in.
| Step | What to Do | Why It Matters |
| 1. Change your password immediately (if you can still log in) | Go into your X account settings and update your password to something strong and unique. | This is the fastest way to cut off unauthorized access. |
| 2. Reset your password if you’re locked out | Use the “Forgot password” option on the login screen to start account recovery. | This can help you regain access even if the hacker changed your password. |
| 3. Secure your email account | Change your email password and enable 2FA. Make sure only you can access it. | If your email is compromised, the hacker can keep resetting your X account. |
| 4. Reverse suspicious email changes if possible | If you receive an email about an account email change, check for an option to undo it. | This may allow you to regain control before the hacker fully locks you out. |
| 5. Revoke third-party app access | While logged in, review connected apps and remove anything you don’t recognize. | Some takeovers happen through malicious apps, not direct password guessing. |
| 6. Revoke mobile app sessions if needed | If suspicious activity continues, revoke access for X mobile apps from your settings so they’re forced to re-authenticate. | X notes that password changes may not automatically log out mobile sessions. |
| 7. Update your password anywhere it’s saved | If you use trusted apps or services that store your X password, update it there too. | Repeated failed login attempts can temporarily lock your account. |
| 8. Turn on 2FA | Enable two-factor authentication as soon as you regain control. | This adds a strong layer of protection even if your password gets stolen again. |
| 9. Contact X support if you still can’t regain access | Submit X’s hacked/compromised account request form. Include your username and the last date you had access. | If self-recovery fails, support may be able to help restore access. |
If you’re still unable to log in after attempting recovery, visit X’s official hacked account support form for next steps.
Watch for Phishing “X Support” Scams
One of the most common ways X accounts get hacked is through phishing.
Scammers impersonate:
- X support
- “verified account” teams
- copyright warnings
- fake sponsorship offers
- fake security alerts claiming your account will be suspended
They try to pressure you into clicking a link and logging in on a fake page designed to steal your password.
If you receive a suspicious email or DM, don’t click.
Instead, open X directly in the app or browser and check your account settings from there.
Final Tips: Recovering From an X Hack
A hacked X account can spread scams quickly, especially if the attacker uses your account to message followers directly.
The most important steps are:
- Act quickly
- Change your password immediately
- Secure the email account connected to X
- Revoke suspicious third-party app access
- Review X Pro / Teams access if applicable
- Enable two-factor authentication (2FA)
- Delete unauthorized posts once you regain control
- Scan your device for malware
McAfee offers a free antivirus scan that can help you detect malware or suspicious programs that may have compromised your account in the first place.
And if you’re still locked out or something doesn’t look right, use X’s official support request form to report the account as hacked or compromised.
Frequently Asked Questions
| Q: How do I know if my X account was hacked? A: Common signs include posts or DMs you didn’t send, unusual follows/unfollows, account changes you didn’t authorize, security alerts from X, or a password that suddenly stops working. |
| Q: If I change my password, will the hacker be logged out? A: Changing your password is critical, but some mobile sessions may remain active. X recommends revoking app access in your settings if suspicious activity continues. |
| Q: What should I do if my email address was changed? A: Check your inbox for an email from X about the change. In some cases, you may be able to reverse it using the security link. If you can’t, start account recovery immediately and submit a support request if needed. |
| Q: Should I remove third-party apps after a hack? A: Yes. X notes that malicious or untrusted third-party apps can compromise your account. Remove anything you don’t recognize or no longer use. |
| Q: What if I still can’t log in after resetting my password? A: Submit a hacked account support request through X’s official form. Be sure to include your username and the last date you had access. |
| Q: What’s the biggest mistake people make after their X account gets hacked? A: Only changing their password. If the attacker still has access through connected apps, a compromised email account, or saved sessions, they can regain control quickly. |
The post X (Twitter) Account Hacked: What to Do Right Now appeared first on McAfee Blog.
About Author
