Instagram Phishing Scammers Up Their Game with ‘HotList’

Last updated July 13, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

It seems that phishing scams have grown extremely popular, and the platforms that are plagued by them are the same ones that host the content of millions and millions of online users as well as brands, companies, and any entity there is to impersonate. The whole idea of “getting lost in the crowd”, pretending to be someone else, and tricking people into believing you has proven to be very effective for scammers in previous Instagram campaigns, so they are at it again, and they will continue to be at it as long as it’s working out.

McAfee researchers have been following the Instagram-based phishing scams and provided some insight about the “Nasty List” last week. That campaign targets Instagram login credentials by sending messages to users through hacked accounts, claiming that they spotted them on a “Nasty List”. This message contains a phishing URL which leads to an Instagram login page which is, of course, spoofed. With this going on successfully for about a week, the scammers gathered quite a lot of Instagram account login credentials, so they got ready to enter phase two. That would be a new phishing campaign called “The HotList”.

instagram_message

image source: securingtomorrow.mcafee.com
image credits: bleeping computer

Again, the scammers are sending messages to followers of the stolen accounts claiming that they have seen images of them on the HotList profile. If the recipient clicks the link on the bio of the account, they too land on a fake Instagram login page which looks like the real deal. This way, another account is stolen, more messages are sent to potential victims, and the vicious circle goes on, with the number of messages being propagated continually increasing. Even if the percentage of users who fall victim of these campaigns is a small one, it’s still increasing the power that the scammers are holding.

If you have received such a message and clicked on the URL, and then entered your login credentials, your account login information has flown off. If however you still have access to it, which in many cases users continue to have, you should immediately reset your password and you’ll be okay. Other than that, always be careful with messages that claim to have noticed you on any kind of a list, don’t just click URLs indiscriminately, and above all, don’t enter your login credentials on any page that looks like a login page.

Have scammers tried to trick you on Instagram? Share the details with us in the comments section below, and don’t forget to like and subscribe on our socials, on Facebook and Twitter.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: