A number of social media influencers are being targeted by hackers of Turkish origin according to a report by Trend Micro. Recently, an influential Instagram user with 15,000 followers had her account stolen via a phishing campaign.
Most of the targeted Instagram profiles commanded anything between 15,000 to 70,000 followers. However, according to the researchers at Trend Micro, there is no “target” demographic. The victims come from various backgrounds including businesses and the entertainment industry. The attackers ask the victims to pay a ransom to have their accounts restored. Regardless of what the victims do, the accounts are never given back.
Instagram account owners with a large follower count are sent phishing emails. These emails try to scam users into thinking that they are eligible for a “verified” badge on the platform. A lot of Instagram users with a high-follower count want the verified badge and end up falling for the trap set by the hackers.
Security researchers were able to obtain some of the threatening emails. One of them stated that the victim needed to send nude photos/videos or pay a ransom to receive access to the account again. Trend Micro was able to trace the activity to an online forum called “Hesap Ebedi.” A number of hackers actively discuss how to manage stolen Instagram accounts to prevent recovery.
Both Facebook and Instagram have been contacted by the security researchers, but there has been no official response yet. Trend Micro has advised users to be careful when receiving seemingly “official” email from social media platforms. It is important to keep an eye out for dubious font styles, grammatical mistakes, use of non-official domains. Any email that requests personal data are likely to be phishing emails as no platform requests authentication outside of the official login pages.
What do you think about the phishing campaigns targeting Instagram users? Let us know in the comments below. Don’t forget to join our discussions on Facebook and Twitter.