Account hijacking in Telegram has become a serious criminal business in today’s world. Scammers employ sophisticated methods to steal access to accounts, and then use them to attack other users through deepfakes, social engineering, and other techniques. Here’s how it typically works: having stolen an account, scammers send phishing messages to all its contacts — such as “Hi, I urgently need money. Can you help me?”, “Please vote for me if you have a moment”, or “You’ve received a gift – a one-year subscription to Telegram Premium” — to hijack even more accounts.
These messages often contain phishing links that look legitimate — for example, https://t.me/premium — but actually redirect users to fraudulent websites. If you click the link and follow the scammer’s instructions, you’ll likely lose access to your Telegram account (especially if you haven’t set up two-step verification in Telegram). Your contacts may then receive similar phishing messages from your account.
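The gap between the address a message shows and the address it actually opens can be checked mechanically. The Python below is an added example, not part of the original article; the list of genuine Telegram hosts, the function names and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: hosts accepted as genuine Telegram link domains.
TELEGRAM_HOSTS = {"t.me", "telegram.org", "telegram.me"}

def safe_split(url):
    """Parse a URL, tolerating a missing scheme; None if it cannot be parsed."""
    url = url.strip()
    if "://" not in url:
        url = "https://" + url
    try:
        return urlsplit(url)
    except ValueError:
        return None

def host_of(url):
    parts = safe_split(url)
    return (parts.hostname or "").rstrip(".").lower() if parts else ""

def check_link(shown_text, target_url):
    """Return the reasons a link looks suspicious (empty list = no finding)."""
    findings = []
    target = host_of(target_url)
    text = shown_text.strip()
    # Treat the visible text as a URL only if it is one token containing a dot.
    shown = host_of(text) if "." in text and " " not in text else ""
    if shown and shown != target:
        findings.append("shown host %r differs from target host %r" % (shown, target))
    parts = safe_split(target_url)
    if parts and "@" in parts.netloc:
        findings.append("target URL has a userinfo part before '@'")
    if any(lab.startswith("xn--") or not lab.isascii() for lab in target.split(".")):
        findings.append("target host uses non-ASCII or punycode labels")
    # A Telegram-looking name on a host that is not a Telegram domain.
    if target not in TELEGRAM_HOSTS and (
            "telegram" in target or ".t.me." in "." + target + "."):
        findings.append("target host imitates a Telegram domain")
    return findings

# Constructed samples: (visible text, real target); hosts use reserved TLDs.
SAMPLES = [
    ("https://t.me/premium", "https://t.me/premium"),
    ("https://t.me/premium", "https://telegram-premium.example/login"),
    ("Claim your gift", "https://t.me.gift-claim.test/premium"),
    ("t.me/premium", "https://t.me@gift-claim.test/premium"),
]

if __name__ == "__main__":
    for shown, target in SAMPLES:
        print(shown, "->", target, check_link(shown, target) or "ok")
```

Only the first sample comes back clean; the other three show the same trusted-looking text or host fragment while resolving to a different site.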
Stolen or fake accounts can also be used for complex targeted attacks — sometimes employing deepfakes to deceive employees of organizations. You might encounter messages allegedly from company management that include personal details like your full name, mentioning some kind of inspection by government authorities, and demanding confidential information or financial assistance in an air of complete secrecy. These are always fake.
Meanwhile, the original Telegram account owner might not even realize at first that their account has been compromised. They continue chatting with friends, reading their favorite channels, and assuming they’re safe from scammers. How is this possible? This happens because Telegram allows multiple sessions to the same account from different devices. Having gained access to your account, scammers open a session on their device without closing your active sessions. Then they send messages, and immediately delete them on the sender’s side only. In this way, recipients see the messages, but the victim doesn’t.
As you can see, scammers are interested in everyone — even the most ordinary of Telegram users. In this article, we address two key questions: how to know if your Telegram account has been hacked, and, if it has, what you should do.
How to know if your Telegram account has been hacked
The following are possible signs that your account has been hacked: your username or profile picture has changed; you’ve been entered into some suspicious competitions; you see a message sent from your account that’s then immediately deleted; your friends tell you they’ve received strange messages from you that you can’t see. Let’s go through these one by one…
Changes to your username or profile picture. Scammers might alter your username to include a phishing link or put the link in your bio. They might also modify your profile picture to their advantage. For example, adding a note to your photo asking for help: “I’m in trouble, please help me however you can”. Any change of information without your knowledge indicates a compromise. In short, if something has changed “by itself”, then most likely attackers are responsible: you’ve been hacked.
Participation in suspicious activities. Scammers might send you a link to activate a Telegram Premium gift subscription, and if you “activate” it, your account will be stolen. This is a fairly popular account hijacking scam, which we’ve covered in detail on the Kaspersky Daily blog. Popular, yes — but far from the only one. Here’s another one: asking for help to win a vote.
Friends report receiving strange messages from you, which you don’t see. Scammers work hard to conceal the fact that your account has been hacked. They delete all messages sent from your account on the sender’s side. The recipient gets the message (and can even reply), but you won’t know about it unless your friends inform you.
You receive a login code for a new device. However, you definitely didn’t attempt to log in, and all your known devices are already connected to your account. Scammers usually delete such messages immediately, but if you spot a request for such a code, your account is under attack right there and then.
If you notice any of these signs, act quickly — you’ve only 24 hours to save your account. Why 24 hours? Telegram has built-in protection against account theft — preventing new devices from terminating active sessions on other devices within the first 24 hours. After 24 hours, the scammers will end all other sessions on your account, and you’ll lose all access.
What to do if your Telegram account has been hacked
Here are some basic countermeasures to take if you detect signs of a Telegram account hack.
Terminate all unknown sessions
To do this, go to Settings → Devices → Terminate all other sessions (in desktop clients, this section might be called Active sessions). This will log out all sessions except the current one, cutting off the scammers’ access to your account.
Alternatively, you can choose specific sessions to terminate by selecting them and clicking Terminate Session, or by clicking Edit in the top right corner of the screen.
Contact technical support
To do this, navigate to Settings → Ask a question to reach Telegram support. While this might seem a safe option, the 24-hour timeline could play into the scammers’ hands here: Telegram support is handled by volunteers, so a response may take time in coming. So first of all, you should terminate all unknown sessions (see above), and enable two-factor authentication (see below).
If you proceed with contacting support, you’ll enter a chat with the Volunteer Support bot. Note that this bot can only be initiated through Settings → Ask a question — remember this to avoid falling victim to scams. The bot will provide instant FAQ answers, but there’s no option for “Account hacked” in its standard menu. To get help from a human, either select Skip and process to volunteers, or type your request in the chat, and press Yes, redirect me. Telegram will inform you that most volunteers communicate in Russian or English.
If you’ve already lost access to your Telegram account, there’s another way to contact Telegram support: fill out a form on the official website specifying the issue, your phone number, and your email.
Recover access to your Telegram account via SMS code
If more than 24 hours have passed and you no longer have access to your account on any device (because the hackers ended all your sessions), try recovering it with your phone number:
- Open the Telegram app
- Enter your phone number and confirm it
- Select Tap to get a code via SMS
- Enter the received code
- Enter your two-step verification password, if set
- End all other sessions
Bear in mind that you need to act quickly here: once you enter your phone number, all devices with an active session linked to this number will receive a notification in Telegram. This means the hackers will know you’re attempting to regain access.
Create a new Telegram account with the same number
If you can’t recover your account, the only way to continue using Telegram with the same phone number is to delete the old account and create a new one. However, in this case, you’ll permanently lose your chat history and administrator rights in your channels.
You can only delete your Telegram account if you have access to it, or if you’ve set up two-step verification. If you’ve at least one open session, go to Settings → Privacy and Security → Automatically delete my account if away for… → Delete Account Now.
If you don’t have access to your account but have two-step verification set up, you can delete the account as follows:
- Open the Telegram app
- Enter your phone number
- Select Forgot password?
- Select Unable to access
- Select Reset account
If you don’t have access to your account on any device, and two-step verification is disabled, you can’t delete the account. Warn your friends and family about the loss of access so they don’t fall for scams sent from your account.
How to protect your Telegram account from being hacked
The best thing you can do right now to protect your account is to set up two-step verification. This means a password will be required in addition to a code when logging in from a new device. This additional security factor will make hacking more difficult, give you more time to react, and allow you to delete the account in case you lose access.
Go to Settings → Privacy and Security → Two-Step Verification. Next, create a password, enter a recovery email, and confirm it by entering the code you receive.
The password should be strong and unique to make it difficult for scammers to guess. To create and store secure passwords, we recommend using Kaspersky Password Manager.
Be sure to share this guide with friends and family — especially those new to Telegram, to help them stay safe in the digital space.