- Instagram phishing campaigns are on the rise, spreading more and more scam messages.
- People receive messages claiming that they appear on some kind of “nasty” or “hot” list.
- It all leads to fake Instagram login pages that look identical to the real thing.
Phishing scams seem to have grown extremely popular, and the platforms plagued by them are the same ones that host the content of millions of users, as well as brands, companies, and any other entity that can be impersonated. The whole idea of “getting lost in the crowd”, pretending to be someone else, and tricking people into believing you has proven very effective for scammers in previous Instagram campaigns, so they are at it again, and they will keep at it for as long as it works.
McAfee researchers have been following the Instagram-based phishing scams and provided some insight into the “Nasty List” last week. That campaign targets Instagram login credentials by sending messages to users from hacked accounts, claiming that the recipient was spotted on a “Nasty List”. The message contains a phishing URL that leads to a spoofed Instagram login page. After running successfully for about a week, the campaign had gathered quite a lot of Instagram account login credentials, and the scammers were ready to enter phase two: a new phishing campaign called “The HotList”.
Again, the scammers are sending messages to followers of the stolen accounts, claiming to have seen images of them on the HotList profile. If the recipient clicks the link in the bio of that account, they too land on a fake Instagram login page that looks like the real deal. This way, another account is stolen, more messages are sent to potential victims, and the vicious circle goes on, with the number of messages being propagated continually increasing. Even if only a small percentage of users fall victim to these campaigns, each stolen account still increases the reach that the scammers hold.
If you have received such a message, clicked on the URL, and then entered your login credentials, your account login information has been stolen. If, however, you still have access to the account, as users do in many cases, you should immediately reset your password and you’ll be okay. Other than that, always be careful with messages that claim to have noticed you on any kind of list, don’t click URLs indiscriminately, and above all, don’t enter your login credentials on a page just because it looks like a login page.
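Because the spoofed pages look identical to the real one, the host name in the link is the part worth checking. The sketch below is an added example, not code from McAfee or from the campaigns described above; it assumes `instagram.com` is the only domain accepted as genuine, and the sample URLs are constructed on reserved `.example` names.

```python
from urllib.parse import urlsplit

# Assumption: the only registrable domain accepted as the real login site.
OFFICIAL_DOMAIN = "instagram.com"


def is_official_instagram_url(url: str) -> bool:
    """True only for https URLs whose host is instagram.com or a subdomain of it."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # drops userinfo and port, lower-cases the name
    except ValueError:
        return False
    if parts.scheme != "https" or not host:
        return False
    host = host.rstrip(".")  # a fully qualified name may end with a dot
    try:
        # Convert internationalized names to their ASCII (punycode) form so a
        # look-alike letter cannot compare equal to the real name.
        host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return False
    # Exact match or a true subdomain; a plain suffix test would also accept
    # "notinstagram.com", so the leading dot is required.
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)


# Constructed sample links, not indicators taken from the campaigns.
SAMPLES = [
    "https://www.instagram.com/accounts/login/",           # genuine
    "https://INSTAGRAM.com./accounts/login/",              # genuine, odd casing
    "https://instagram.com@login.example/accounts/login",  # real name in userinfo
    "https://instagram.com.login.example/",                # real name as a prefix
    "https://inst\u0430gram.com/accounts/login/",          # Cyrillic "a" homograph
    "https://notinstagram.com/",                           # suffix look-alike
    "http://www.instagram.com/accounts/login/",            # not https
]


def check_samples() -> dict:
    """Map each constructed sample URL to the verdict of the host check."""
    return {url: is_official_instagram_url(url) for url in SAMPLES}


if __name__ == "__main__":
    for url, ok in check_samples().items():
        print("genuine" if ok else "REJECT ", url)
```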