Light Dark
March 19, 2019 By David Bisson 2 min read

Security researchers discovered that attackers are using fake copyright infringement notifications to hack Instagram influencer accounts.

Detected by Kaspersky Lab, the Instagram hacking campaign involves threat actors sending Instagram influencers fraudulent emails claiming that the social media network intends to permanently delete their account for copyright infringement. The attack email uses the social networking service’s official header and logo to deceive victims. It even originates from an email address — [email protected] or [email protected] — that looks similar to Instagram’s actual support email, [email protected].

Using these disguises, the email notifies targeted users that they have 24 hours to verify their account before it is deleted. Clicking on the email’s “Review complaint” button redirects users to a phishing page where they can supposedly appeal the decision to delete their profile.

At that point, users can proceed by clicking an “Appeal” link and submitting their Instagram credentials to the attackers. The scam then asks users to verify their email address by choosing their email provider and entering the login credentials for their account.

Just the Latest Instagram Hacking Attack

This is just the latest scam to target Instagram users. Back in August 2018, for instance, Mashable reported on a string of hacks in which threat actors took over users’ accounts and added a .ru email address to their profiles. News of another attack wave came a month later when Motherboard reported that attackers had hijacked at least four high-profile Instagrammers’ accounts and extorted them for money.

Most recently, Trend Micro detected yet another scam operation in February 2019 in which fraudsters targeted Instagram users with the false promise of a “verified” badge for their accounts.

How to Defend Against Phishing Attacks

Security professionals can help defend their organizations against phishing attacks by using ahead-of-threat detection to block potential phishing domains, even those that threat actors have cloned to look like legitimate websites.

Security teams should also test their phishing defenses by conducting a simulated phishing engagement. Organizations can then use this exercise to identify employees who need more training on social engineering attacks as well as to conduct follow-up testing for the entire workforce.

 |  |  |  |  |  |  |  | 
David Bisson
Contributing Editor

More from

May 16, 2024

Grandoreiro banking trojan unleashed: X-Force observing emerging global campaigns

16 min read - Since March 2024, IBM X-Force has been tracking several large-scale phishing campaigns distributing the Grandoreiro banking trojan, which is likely operated as a Malware-as-a-Service (MaaS). Analysis of the malware revealed major updates within the string decryption and domain generating algorithm (DGA), as well as the ability to use Microsoft Outlook clients on infected hosts to spread further phishing emails. The latest malware variant also specifically targets over 1500 global banks, enabling attackers to perform banking fraud in over 60 countries…

May 15, 2024

New cybersecurity sheets from CISA and NSA: An overview

4 min read - The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) have recently released new CSI (Cybersecurity Information) sheets aimed at providing information and guidelines to organizations on how to effectively secure their cloud environments.This new release includes a total of five CSI sheets, covering various aspects of cloud security such as threat mitigation, identity and access management, network security and more. Here's our overview of the new CSI sheets, what they address and the key takeaways from each.Implementing…

May 14, 2024

Threat intelligence to protect vulnerable communities

2 min read - Key members of civil society—including journalists, political activists and human rights advocates—have long been in the cyber crosshairs of well-resourced nation-state threat actors but have scarce resources to protect themselves from cyber threats. On May 14, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released a High-Risk Communities Protection (HRCP) report developed through the Joint Cyber Defense Collaborative that addresses the threat to these vulnerable groups, with findings contributed by the X-Force Threat Intelligence team.Cyber criminals seek stolen credentialsThe HRCP…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature