Instagram is all about visual content. Millions of pictures, GIFs, and videos are posted every day, either taken by the user who posted them or shared from a different source. When a user posts content that isn’t original, it is usually done innocently, after coming across something educational, inspirational, or just funny.
Playing on emotion is a common tactic amongst hackers. We know this from online dating scams, for example, where people will do anything in the name of love. In the case of posting content on Instagram, the fear of breaking a copyright law can be terrifying. Plus, it’s frightening to get locked out of our social media accounts.
Hackers who like to play on these emotions and use a sense of urgency have been sending out emails to Instagram users that look as if they are coming from Instagram, claiming that the user violated content copyrights and that their account will be suspended. The email urges the user to click and object, believing it will save their account. Yikes. That’s a tempting click.
What happens when a victim clicks? They are taken to a page to submit their appeal, thinking they are saving their account. On this page, a date of birth is required, presented as being for monitoring ads. To the innocent victim, this gives a sense of verification. But what is it used for? A date of birth can be used to hack personal information. It could help the hacker reveal other passwords and access sites that do request a date of birth as authentication.
Along with the birth date, the victim enters their Instagram password and is taken to a confirmation page that looks incredibly legit. And there it goes, the victim’s Instagram password and date of birth have been sent off to the hacker. Just like that.
Hacking into social media accounts is valuable for hackers. There is a lot of information in social media accounts that can be used to hack other sites like banks and other services, and a hijacked account can also be used as a platform to lure followers and friends to phishing sites. Think about it: if your workmate sends you a link to a website that looks cool, you will probably check it out, but you would never click on a link from a stranger.
So what can be done?
- When you see [URGENT] in email subject lines, put on your safety goggles and start inspecting.
- Sender and Link Domains: In the Instagram scam, the hackers used the domain: instagram.copyrightfringementappeal.cf
Image by nakedsecurity.sophos.com
There are 3 points to notice here:
- The ending of the link (the top-level domain) is not “.com” as the real Instagram’s is. They used “.cf”. A quick Google search will show you what the real domain is.
- The word “Instagram” in the link is only the subdomain. How can we know this? Take a link that looks like this: mail.google.com. The domain is “google”, and “mail” is a subdomain for Google’s mail service. It has no connection with the domain mail.com.
- Just because it says “secure connection” and has https:// absolutely does not mean the site is safe. It only means the connection to the site is encrypted, not that the site belongs to who it claims to be.
- Go directly to the site you supposedly got the email from and check if there is an issue, or how they handle such issues. Instagram’s [official explanation](https://help.instagram.com/1445818549016877) contains all the information about copyrights and how they handle such cases.
- Mobile can be tricky as you can’t see the full domain length on the address bar. Using your desktop is easier and safer, especially when you suspect a site. Safety tools like Guardio will immediately pick up on such scam sites and alert you.
- Use a password tool and change your social media passwords often. Especially if you use your social profiles to log in to other sites.
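
The three points about reading a link's domain can be turned into a small check. This is an added example, not code from the original post; the trusted-domain set, the brand label and the short list of two-label suffixes are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the domain the genuine service uses (the help link above is on it).
TRUSTED_DOMAINS = {"instagram.com"}
BRAND_LABELS = {"instagram"}
# Simplification: a tiny constructed sample of two-label public suffixes.
# Real tooling should consult the full Public Suffix List instead.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def registrable_domain(host):
    """Return the part of `host` someone had to register: name + public suffix."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def inspect_link(url):
    """Split a link's host into subdomain and registrable domain and list red flags."""
    parts = urlsplit(url if "://" in url else "//" + url)
    host = (parts.hostname or "").rstrip(".")
    domain = registrable_domain(host)
    subdomain = host[: -len(domain)].rstrip(".") if host != domain else ""
    trusted = domain in TRUSTED_DOMAINS
    findings = []
    if not trusted:
        findings.append("registrable domain is not one the real service uses")
        if BRAND_LABELS & set(subdomain.split(".")):
            findings.append("brand name appears only as a subdomain label")
        if parts.scheme == "https":
            findings.append("https encrypts the connection but says nothing about the owner")
    return {"host": host, "domain": domain, "subdomain": subdomain,
            "trusted": trusted, "findings": findings}


if __name__ == "__main__":
    for link in ("https://instagram.copyrightfringementappeal.cf/",  # from the article
                 "https://help.instagram.com/1445818549016877",      # from the article
                 "mail.google.com"):                                 # from the article
        result = inspect_link(link)
        print(f"{link}\n  domain={result['domain']} subdomain={result['subdomain'] or '-'}"
              f" trusted={result['trusted']}")
        for finding in result["findings"]:
            print("  !", finding)
```
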
Social Media is fun; let’s keep it that way by keeping our eyes open and staying safe. Spread the word and share this post to protect your Instagrammer friends!