An Instagram DM scam in circulation since last year appears to be back. With the phishing scam, fraudsters can access your Instagram account without you even knowing about it. The scam was first reported in June 2021 and it was still in 2021 and it is still in circulation. If you fall for it, you end up providing login credentials to the fraudsters yourself. Several cyber security experts have also issued a warning about this scam.
How this scam on Instagram happens
- Fraudsters first send a link on Instagram with the caption
- A few times the caption is backed by a story. The link preview appears as if it is an Instagram post. The moment you click on the video to check whether it is actually you or not in the video, you will be directed to an Instagram login page.
- On the new page, you will see a prompt claiming that you will not be able to see the post unless you log in to your Instagram account and that is where the scam is. You are then redirected to a fake Instagram login page that is specifically designed to access the information that you ape-in. The page looks similar to the original Instagram website and the moment you enter your credentials, fraudsters take control of your account.
- It is worth noting that the moment you share your login credentials, an automated bat will share the same link with more Instagram users through your account.
How to know if a link is malicious
- There are various ways to check whether a link that you have received is dangerous or safe but the easiest way to check is to go through the URL. If you want to be sure about a link received on Instagram, check if the URL starts with HTTPS or MTTP. Almost all websites are now following HTTPS protocol, including Instagram. HTTPS uses the SSL/TLS protocol to encrypt data and any page claiming to be Instagram and does not have HTTPS in the URL can be malicious
Instagram scammers love to hide behind fake accounts and run their schemes using these timeless scam techniques:
- Send you a pitch that’s “too good to be true”.
- Post videos and pictures of cash.
- Post screenshots of financial charts.
- Reply very fast to DMs with high-pressure tactics.
- Ask you to click on suspicious links.
- Ask you to share personal data or financial information.
- Ask you to send crypto to a specific wallet address.
- Ask you for deposits on PayPal, Venmo, Zelle, etc.
Once the scammers have stolen your login details, they can:
- Change your password and lock you out of your account.
- Steal personal data like your phone number.
- Get access to connected third-party apps.
- Post scam advertisements on your profile page.
- Impersonate you and send malware links to your friends and family.
- Impersonate you and send messages to your followers asking for money.
- Blackmail you for money in exchange for your account.