There’s a new scam targeting highly-trafficked Instagram accounts, and anyone with several thousand followers on their account — including businesses and clients — are fair game to the fraudsters. The scheme masquerades as a false claim of copyright infringement, according to Kaspersky Labs, who first noticed the new way influential and popular users are being cajoled into giving up their credentials to attackers.
How can you tell if your company or a client is in the crosshairs? The first sign of attack comes in the form of an official-looking email, seemingly from the team at Instagram.
“Your account will be permanently deleted for copyright infringement,” the email threatens. Tripwire reports in a recent article that the scam then requires action in the next 24-48 hours that involves “addressing the claim” and “verifying credentials.” This is where the user is required to type in the account’s password, which hands over the keys to the social media account to the attackers. It doesn’t end there, though — Tripwire warns that an “email verification” is required in addition to the credentials verification, where the user is asked to choose their email provider and give up the username and password for that login as well.
Kaspersky warns the false emails from Instagram are extremely similar to actual Instagram addresses. They include “mail@theinstagram.team” or “info@theinstagram.team.” Protecting your business or your clients from giving up the information in the first place is paramount — once the information is handed over, scammers can then demand ransom to return the account, spread malicious content across the page, and of course, change the information required to assert control over the account, like passwords and security questions. Tripwire encourages managers of popular Instagram accounts to enable two-factor authentication to make it significantly more difficult for attackers to gain access to the account. Kaspersky advises staying up-to-date on best practices, like avoiding suspicious links and only logging into Instagram through the official app.
My passion is to make my mark on the world in a positive and lasting way. I want to set an example for my son that his father can compete with integrity in today’s world, be very successful, and leave the world a better place for him.
Combining my technical/business-based education with a long career steadily progressing up the corporate ladder, I decided to build a company that held true to my values. So, I founded and designed the next generation of IT support firm: CTECH Consulting Group Inc. We are a completely automated, cloud-based IT company designed to compete against any other IT firm without the overhead. We promote a lifestyle to all our staff where they can work anywhere, at any time, access any information on any device that is relevant to their job, and collaborate with anyone they want to.