Widepsread Campaign Hacking Instagram Accounts

 

 

Instagram (IG) is one of the most popular social networking sites today with one billion monthly users. With the sheer number of accounts, it has become a playground for cybercriminals and Kaspersky Lab wrote a blog post to help users prevent it from getting hijacked.

 

This social networking platform has also become a venue to connect with people from around the globe. But like in real life, users need to be wary of who they are connecting with especially when their accounts are on public mode.

To help IG users protect their account and minimize the chance of it getting hijacked, Kaspersky Lab made a list of things to be wary of.

 

Almost everyone wants that “Verified Account” or blue check badge. According to Kaspersky’s post, no one can just get a badge. It’s Instagram who decides to award it. 

For those who badly wanted a badge, scammers will pose as Instagram help centers and entice users to provide them with personal details such as “username, password, email address, first name, last name, and date of birth,” which all go right on the attackers’ laps. 

 

The users are made to wait for 24 hours and asked not to change account settings while the criminals do their job of compromising the account.

 

Criminals found a way to bypass the two-factor authentication by displaying a message saying a support service will contact the owner for more details. The message will ask for an SMS code or other security information.

 

Don’t be fooled by “scary messages” that the account is hacked or log-in credentials need to be updated. Then there is this scam to “rate a photo” that will need the users to log in to the social network. When messages start asking for these credentials then this is the time to be more wary and suspicious.

Kaspersky Lab offers the following precautionary measures to guard your account against getting compromised.

• Prevention is better than cure — especially if curing is next to impossible. By observing these simple rules, you can stay safe:

• Don’t click on suspicious links.

• Always check the address bar for the URL of the web page. If instead of Instagram.com it says something like 1stogram.com or instagram.security-settings.com, get out of there quick, and don’t even think about entering any personal data on pages like this.

• Only use the official social network app from the official store — such as Google Play for Android, or App Store for iOS.

• Don’t use account login credentials for authentication on third-party services and apps.

With more than a billion users worldwide, Instagram has long been a target of choice for all kinds of scammers. Having hijacked an account, they get access to the user’s personal information and messages. 

 

Not only that, the account can be used to spread spam, phishing, and malicious content. Quite often, on taking possession of an account, the attackers change the handle, profile photo, and e-mail address and phone number to which it is linked. 

That makes it nearly impossible for the true owner to restore access to their Instagram account.

 

As always, prevention is better than cure, especially if a cure is next to impossible. By observing these simple rules, you can stay safe:

• Don’t click on suspicious links.

• Always check the address bar for the URL of the Web page. If instead of Instagram.com it says something like 1stogram.com or instagram.security-settings.com, get out of there quick, and don’t even think about entering any personal data.

• Use the official social network app from the official store, such as Google Play for Android, or App Store for iOS.

• Don’t use account login credentials for authentication on third-party services and apps.

• Use a reliable security solution that sifts out suspicious messages and blocks phishing pages.

 

Independent:       BackEndNews      Kaspersky:     Image: CustomerPowerDesigns

 

 

Facebook & Instagram Now Show How Long You Use Them:

 

Hamas Turns To Instagram To Lure IDF Soldiers: