Instagram accounts are being hacked en masse: how the new scheme works
12 June 05:43
Instagram users in Ukraine are being warned about a new phishing scam. Scammers are sending out mass messages threatening to block accounts for violating platform rules. This was reported by the State Service for Special Communications and Information Protection of Ukraine, according to "Komersant Ukrainian"
Experts urge users not to click on suspicious links and not to enter Instagram credentials on third-party websites.
How the new Instagram scam works
According to the State Service, attackers are sending Instagram users messages purporting to be from the platform’s support team. In the text, they warn of a possible account suspension due to alleged rule violations.
To “avoid being blocked,” users are asked to click on a link and enter their profile username and password.
“Did you receive a message on Instagram warning that your account might be blocked for a violation? It could be scammers! Attackers are sending messages on behalf of customer support and threatening to block your account,” the State Special Communications Service warned.
The links in such messages do not lead to official Instagram resources, but to phishing sites. They may visually resemble the real login page, but are created solely to steal personal data.
If a user enters their username and password there, the scammers gain access to their account.
After that, the attackers can:
- change the password and email address used for login;
- block the owner’s access to the page;
- demand money to restore the account;
- send fraudulent messages on behalf of the profile owner;
- use the page to deceive followers.
Watch us on YouTube: important topics – without censorship
How Instagram Actually Notifies Users About Account Issues
The State Special Communications Service emphasizes: Instagram’s real support team does not send users private messages and does not request passwords via third-party links.
Official notifications from Instagram are sent directly through the app.
Therefore, any message in Direct threatening to block your account and containing a link to “verify your account” should be considered suspicious.
How to protect your Instagram account from scammers
Experts advise following a few basic digital security rules:
- do not click on suspicious links in messages;
- Do not enter your Instagram username and password on third-party websites;
- check all notifications only in the official app;
- enable two-factor authentication;
- use a strong, unique password;
- Do not share verification codes with third parties.
What to do if you’ve already entered your information
If you have already clicked on a suspicious link and entered your account credentials, they should change their password as soon as possible, verify their linked email and phone number, enable two-factor authentication, and end active sessions on unknown devices.
You should also warn your friends and followers that fraudulent messages may be sent in your name.
Read us on Telegram: important topics – without censorship
