Sophos announces the discovery of a new phishing campaign targeted at Instagram users. The method is simple and known, but at the same time it can be effective. The attackers send emails stating that the recipient is infringing copyright by publishing photos on Instagram and that the account is suspended for 24 hours. To appeal the decision, please click the link provided and then enter your login, password and date of birth.
After completing the above steps, the user will receive information that the case has been successfully resolved and the account lock has been removed. Of course, at this point the user also provided the attacker with sensitive data and after a while, he can completely lose access to the account. The scam has a chance of success because the attacker used the original graphics and fonts used by Instagram, and directing actions against mobile users makes it difficult for them to verify the html address (which is not displayed in full).
Hijacked accounts can be used for a variety of purposes, one of which is to demand a ransom, the other is to get followers to download a specific program. This situation happened to Mexican model and presenter Yanet Garcia.
In mid-September on her instagram profile there was information that if the program from the given link was downloaded 30 thousand. times, it … will publish its sex tape. The publication did not take place because the model regained her account.