Not sure if this is the best place to ask but I've ran into a very odd situation. A friend of mine has reached out to me about her instagram account being hacked; now I've seen plenty of times people come to me because I work in IT and they think that automatically means I can hack it back. I gave her some security tips for the future and how to stop it happening again. The strange thing is that she's now made 10 accounts and they all get hacked and taken down within 3 days of creation. Now she is pretty well known on Instagram so I'll keep her name out of it and therefore a prime target.
I told her to use a 25 character long pw with upper case, lower case, numbers and symbols. I told her to use a different device to sign up in case of any spyware on the device being used. She even made one on on a completely different phone using only 4G (in case it was something on the network) and within 24 hours the same person had done it. Strange am I right.
So there's no way these can be brute force attacks with 25 character passwords and it can't be a virus since she used a fresh out the box phone to set up the account on 4G. I'm struggling to find other things to help her without just going to the police about the issue but they won't do anything.
So I'm wondering if anyone would have any tips to help? I'm kinda stuck lol.
EDIT: Thinking about it she never changed her number, I'm going to get her to buy a different SIM in case it has been cloned.