May 16, 2024
Instagram, with its vast user base and dynamic platform, has become a prime target for scammers and fraudulent activities. From phishing attempts to fake giveaways, these scams exploit user trust and vulnerability, often preying on people’s desire for social validation, financial gain, or exclusive opportunities. McAfee Labs has observed a particularly concerning scam where fraudsters exploit the platform’s influencer program to deceive users, showcasing the adaptability and cunning of online fraudsters.
Brand Ambassador and Influencer Program Scams
The Instagram influencer program, intended to empower content creators through collaboration and brand partnerships, has been hijacked by scammers. They promise fame and fortune to unsuspecting individuals in exchange for participation in fraudulent schemes.
Scam Process Breakdown
- Dummy Account Creation: Scammers start by creating fake Instagram accounts that look convincing and trustworthy. They choose usernames and profile pictures that resemble legitimate brands, influencers, or even official Instagram support accounts. To make these dummy accounts appear authentic, they populate them with posts, followers, and engaging bios that mimic the accounts they are impersonating. This effort aims to deceive potential victims into believing that these accounts are real and credible. These scammers also take care to maintain a consistent and professional appearance, often using high-quality images and language that aligns with the persona they are trying to project. This setup is crucial for the subsequent steps in their scam, as it forms the foundation of the trust they need to manipulate their targets effectively.
- Sharing Fraudulent Content: After gaining access to their victims’ accounts, scammers proceed to share fraudulent content. This could involve posting about various schemes, such as fake cryptocurrency investments or phony influencer contests. By leveraging the compromised accounts, scammers can reach a wider audience and lend an air of legitimacy to their scams. Additionally, they may use the compromised accounts to solicit votes or support for their fraudulent activities, further perpetuating the deception. This sharing of fraudulent content is a crucial step in the scam process, as it allows scammers to exploit the trust and credibility associated with the hijacked accounts to dupe even more unsuspecting individuals.
- Voting Request: Once the fraudulent content is shared, scammers proceed to make specific requests to their victims, such as asking them to vote in fake contests or support a particular cause. These requests often come with a link that appears to lead to a legitimate voting page or contest entry form. Scammers rely on the trust established through the compromised accounts to convince victims to comply with their requests. However, the provided links typically lead to phishing sites designed to steal login credentials or personal information. This voting request serves as a pivotal moment in the scam process, as it directly engages victims and sets the stage for further exploitation of their trust and vulnerability.
Phishing Mechanism
The phishing mechanism employed by scammers involves directing victims to fake Instagram pages or forms designed to resemble legitimate ones. When victims click on the links provided by the scammers, they are redirected to these deceptive pages, which often mimic the appearance and functionality of Instagram’s official interfaces. For instance, victims may be led to a fake login page or an email update form, both of which prompt them to enter sensitive information such as their username, password, or email address.
These phishing pages are meticulously crafted to appear authentic, often incorporating Instagram’s logos, colors, and layout to deceive users. As a result, victims may not immediately realize they are being targeted by a scam. Once victims submit their information on these phishing pages, it is captured by the scammers, who can then exploit it for unauthorized access to the victims’ accounts or for other nefarious purposes.
This phishing mechanism preys on users’ trust in familiar interfaces and their willingness to comply with seemingly legitimate requests, making it a potent tool for scammers seeking to hijack Instagram accounts and perpetrate further fraudulent activities.
During our research, we identified the links scammers send to their targets, such as hxxp[.]//accountscenter.instagram.com/personal_info/contact_points/contact_point_type=email&dialog_type=add_contact_point.
Testing the Scam
As part of their investigative efforts, McAfee Labs conducted tests to replicate the scam process and understand its intricacies. They created a controlled testing scenario, which involved setting up dummy email and Instagram accounts to simulate the roles of both scammers and victims.
In this testing scenario:
- Dummy Email and Instagram Account Creation: McAfee Labs created email addresses such as “scammerxxxx.com” and “victimxxxx.com” to represent the scammer and victim, respectively. Similarly, they created corresponding Instagram accounts to emulate real-world interactions.
- Following the Scam Steps: McAfee Labs followed the steps outlined in the scam process, such as entering the scammer’s email address instead of the victim’s during the phishing attempt. By mimicking the actions of scammers, they gained insights into how the scam operates and how victims might be manipulated.
- Observing the Results: Through these tests, McAfee Labs observed the consequences of the scam, such as the scammer gaining control of the victim’s Instagram account. This provided valuable data on the effectiveness of the scam and the vulnerabilities it exploits.
When we added the scammer’s email, the account indicated that the victim’s email would be replaced. This substitution allows the scammer to gain control of the Instagram account, as the scammer’s email receives the verification code needed to complete the process.
Final Takeover
Once the scammer’s email is linked to the victim’s account, the scammer uses the “forgot password” function to reset the password, locking out the original user. The victim, now unable to log in, receives an incorrect password message, while the scammer takes over the account.
Protecting Yourself from Instagram Scams
To safeguard against such scams:
- Exercise Caution: It’s crucial to exercise caution when navigating through social media platforms like Instagram. Be wary of any unusual requests, especially those asking for personal information or promoting suspicious contests or giveaways. If something seems too good to be true, it likely is. Always verify the legitimacy of any offers or requests by researching the account, checking official rules, or contacting the organizer directly through verified channels. By remaining vigilant and skeptical, you can better protect yourself from falling victim to scams and fraudulent activities online.
- Verify Authenticity: Verifying the authenticity of any offers, contests, or requests is paramount to avoiding scams on Instagram. Take the time to thoroughly research the account making the offer or request. Look for official verification badges, check the account’s history and follower engagement, and search for any complaints or warnings associated with it. Additionally, review the official rules and terms of any contests or giveaways to ensure they align with reputable practices. If you have any doubts or concerns, consider reaching out to the organizer directly through verified channels to confirm the legitimacy of the offer. By verifying authenticity before engaging, you can significantly reduce the risk of falling victim to scams on Instagram.
- Avoid Suspicious Links: It’s essential to steer clear of any links that seem suspicious or unfamiliar, especially those received from unknown sources or through unsolicited messages. Be cautious when clicking on links in direct messages, comments, or emails, as they could lead to phishing sites or malware downloads. Before clicking on any link, hover over it to preview the URL and ensure it matches the expected destination. If the link looks suspicious or redirects to an unfamiliar website, refrain from clicking on it and consider reporting the account or message to Instagram. By avoiding suspicious links, you can protect yourself from potential scams and safeguard your personal information.
- Enable Two-Factor Authentication (2FA): Enabling Two-Factor Authentication (2FA) adds an extra layer of security to your Instagram account, helping to prevent unauthorized access even if your password is compromised.
- Report Suspicious Activity: Reporting suspicious activity on Instagram is crucial for protecting yourself and other users from potential scams and fraudulent behavior. If you encounter any accounts, posts, or messages that appear suspicious or violate Instagram’s Community Guidelines, you can report them directly to Instagram for investigation. Additionally, you can report suspicious activity to Instagram’s support team directly through the app’s Help Center. Go to your profile, tap the menu icon (three horizontal lines) in the top-right corner, select “Settings,” then tap “Help” > “Report a Problem” > “Something Isn’t Working.” From there, you can describe the suspicious activity you encountered and submit your report.
- Confirm Requests: If friends ask for help, contact them directly via text or phone to ensure their account hasn’t been hacked.
By following these precautions, users can better protect their Instagram accounts from fraudulent activities and scams.
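The contact-point link quoted above and the advice to preview a link before clicking can be combined into a small triage check. This Python example is added here and is not McAfee's code; the trusted-host list and the sensitive parameter names are assumptions taken from the article's quoted URL, and the other sample links are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Illustrative allow-list (an assumption of this example, not a Meta-published list).
TRUSTED_HOSTS = {"instagram.com", "accountscenter.instagram.com", "help.instagram.com"}
# Parameters taken from the link quoted in the article; they drive an email/contact change.
SENSITIVE_PARAMS = {"contact_point_type", "dialog_type"}
# The article's defanged link, reproduced verbatim.
ARTICLE_URL = ("hxxp[.]//accountscenter.instagram.com/personal_info/contact_points/"
               "contact_point_type=email&dialog_type=add_contact_point")

def refang(url):
    """Undo common defanging (hxxp, [.], [:]) so a link copied from a report parses."""
    url = re.sub(r"^hxxp", "http", url, flags=re.IGNORECASE)
    url = url.replace("[.]", ".").replace("[:]", ":")
    # tolerate 'http//host' and 'http.//host', as in the article's quoted link
    return re.sub(r"^(https?)[.:]?//", r"\1://", url)

def assess_link(url):
    """Return (verdict, reasons): 'untrusted', 'trusted' or 'trusted_sensitive'."""
    parts = urlsplit(refang(url))
    host = (parts.hostname or "").lower().rstrip(".")
    reasons = []
    # Exact match or a real subdomain only. A substring test is unsafe because
    # 'instagram.com.example' contains 'instagram.com', and 'instagram.com@evil.example'
    # puts the brand in the userinfo part, which urlsplit keeps out of .hostname.
    trusted = host in TRUSTED_HOSTS or any(host.endswith("." + h) for h in TRUSTED_HOSTS)
    if not trusted:
        reasons.append(f"host {host!r} is not an Instagram domain")
        if "instagram" in host or "instagram" in (parts.netloc or ""):
            reasons.append("lookalike: brand name present but not under instagram.com")
        return "untrusted", reasons
    if parts.scheme != "https":
        reasons.append("not served over https")
    # Collect parameters from the query string and from any path segment written as
    # key=value pairs (the article's link omits the '?', so urlsplit leaves them in the path).
    params = set(parse_qs(parts.query).keys())
    for seg in parts.path.split("/"):
        if "=" in seg:
            params.update(parse_qs(seg, keep_blank_values=True).keys())
    hit = params & SENSITIVE_PARAMS
    if hit:
        reasons.append("link opens an account contact change (" + ", ".join(sorted(hit)) +
                       "); open Accounts Center from inside the app instead of following it")
        return "trusted_sensitive", reasons
    return "trusted", reasons

if __name__ == "__main__":   # constructed sample links
    for link in (ARTICLE_URL, "https://instagram.com.verify-account.example/login"):
        print(assess_link(link))
```

The point of the 'trusted_sensitive' verdict is that the article's link is on a genuine Instagram host; what makes it dangerous is the contact-change action it opens, which a domain check alone would wave through.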
About the Author
Mr. Ankush, a Certified Ethical Hacker (CEH) accredited by EC-Council (Certification Number: ECC1805479632), is a digital forensics expert and cybercrime investigator. With a passion for unraveling complex cyber threats, he specializes in supporting legal proceedings with meticulous digital evidence analysis. Additionally, Ankush dedicates his time to volunteer work, writing articles and blogs for Elite Defender Security. Through his contributions, he aims to educate and empower others about cybersecurity best practices, furthering the mission of creating a safer digital environment for all.