Instagram, the second most preferred social media platform among millennial has now caught the eyes of threat actors. A recent string of Instagram Phishing Scam have terrorized Instagram users wherein cyber-maniacs target popular influencers – with over 100,000 followers.
Instagram is a popular social networking service owned by FaceBook where people share photos, videos etc. As social media sites have grown in numbers by leaps and bounds, the following features give this online global network an edge over other social media platforms:
The popularity of Instagram has made it a prominent target in the cyber-crime world. Moreover, eye catching accounts with thousands of followers fascinate threat actors the most. The consequences of stealing such an account can be hazardous.
Let us read to know how the Instagram Phishing scam takes place.
Hackers gain access to popular Instagram accounts through phishing email scam. Victims receive email from threat actors posing as potential business partnership and contain a proposal to work together. As per the instructions in the mail, users are required to click on the link that directs them to phoney Instagram Login page that seeks user credentials (username & password). Once the user “logs in”, the hackers have their credentials.
The stolen credentials are used to login to victim’s account, encrypt the account and demand a ransom in Bitcoin to regain access. Panicked victims who agree to pay the ransom not only lose their money but the access to their account as well.
Accounts belonging to celebrities, popular bloggers or large companies hold a Blue tick, a sacred badge or a status symbol to add prestige and distinguish them from fake accounts. Until now this badge was awarded by the social networking site alone on basis of account popularity and fan following.
Recent changes in Instagram’s policy allow users to use the badge if their account meets certain criteria. The users themselves are required to take the initiative by requesting verification from the app by navigating to Settings-> Request Verification.
Unawareness of this recent change in policy among users has been leveraged by cyber criminals to exploit them. They created sites that masqueraded as Instagram help center pages, a hoax page that pretended to help users obtain information on badges.
Innocent users who visited the page were requested to enter username, password, full name, address, e-mail and date of birth — all for the promise of a badge.
Unsuspecting users who provided all the above mentioned information fell in the trap of threat actors who used this information to extort them.
Your account has been hacked! Your login credentials need updation! These scary alert messages are used to deceive users to gain access to their Instagram Accounts. When users click on these alert texts, they are redirected to fake login pages, where their keyboard strokes are recorded and sent to threat actors.
On taking the possession of an account, attackers completely renew the profile of the hacked account by changing the profile photo, email address, phone number to which the account is linked and so on or even encrypt the account. This makes it nearly impossible for the true owner to restore the access unless demands of cyber maniacs are met. In the latter case also the probability of retrieving your account is negligible.
Prevention is always better than cure, especially when the cure is nearly impossible. Users are recommended to observe the following precautions to stay safe and avoid Instagram Phishing Scam.
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
The researchers at Virus Removal Guidelines are dedicated to track down the latest vulnerabilities which may infringe your system security. Our team of expert performs a detailed research about every malware infection before educating our users about the same.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.