Fraudsters have diversified their tactics to target users, tempting them with verified badges or accusing them of copyright infringement.
If your Instagram account has a thousand followers or more, scammers are probably after you. Several phishing campaigns are on the rise simultaneously.
Here’s an example: A fraudulent e-mail seemingly from Instagram claims you’re eligible for a blue “Verified” account badge — just fill out the form. Another variant of fake notice claims your account will be permanently deleted for copyright infringement and you have 48 hours to appeal.
At that point, you’re supposed to click either “Verify account” or “Review complaint.” Don’t do it! Either button leads to an extremely convincing phishing page where you are supposed to input your Instagram credentials as well as your e-mail credentials. Once you submit the form, a “verified account” badge or a “we will review your feedback” reply appears, but only for few seconds. Then you’ll be redirected to Instagram’s website — a simple trick that lends additional credibility to the scam.
In reality, your data goes to the scammers, who can take over your account, modify the information needed to recover it, and start demanding ransom to give it back to you, for example. For more about Instagram hijacking tactics, read this post.
How to recognize phishing:
- Instagram initiates a verification process only at a user’s request. Click here to learn how to make such a request.
- Instagram never asks for its users’ credentials outside of its login page — or your e-mail password, ever.
- To verify whether you have any incoming notifications, use your Instagram app.
For permission content from this site must be hyperlinked when used!