Yep! You have been Hacked; the increase in Phising on Instagram

BY SIMONE J. SMITH

I was sitting down to dinner with a friend on Saturday evening, and I felt my phone vibrating. I ignored it; because when I am relaxing, I usually don’t take calls. My phone kept vibrating, so I decided to answer it.

A good friend of mine Evangelist Janel was on the phone.

“Simone. I think that someone has hacked your Instagram. They are sending messages out about bitcoin, and I know that this is not you.”

“Are you serious!”

“Yep,” she said. “Go and check right now.”

I hung up the call and headed to my Instagram page. I tried to log on, and the message I received was “Unable to Login. Please try again later.”

Yep, just like that, I had been hacked.

Being the victim of a hacked Instagram account is what many of us fear. Imagine, losing all your pictures, all the memories, gone in one second.

This can happen to any Instagram or social media account through a malicious scam known as angler phishing, also known as Instagram phishing. If you have an email address or phone number or anything, they want it. But what exactly is Instagram phishing, and what are the signs of it? Let’s take a look.

Instagram phishing is a scam done by sending a DM (Direct Message) or a phishing email impersonating Instagram.  In my case, my brother’s girlfriend’s account had been hacked, and I received a message from her. In the message she shared how she had started investing in bitcoin, and how she had made a profit in a short amount of time.

What was interesting about that is the fact that my brother is heavy into cryptocurrency, so receiving an email from his girlfriend about this actually made sense. Just like that, they had tricked me to click on the link, which instantly gave them access to my Instagram.

Some of the DM scams pretend to be Instagram support warning users about fake copyright violations. I did a little investigation and Instagram notes they will never DM about account issues. They recommend not opening or replying to phishing attempts like this. The platform will also never ask for personal account details like your password.

This leads to stolen information, fake promotions advertised on your account, or loss of your account. Hackers for one main reason use it: to monetize your personal information. 

I handled this all-in stride because to be honest, that page was shadow banned, censored, and no one could find me, so in a sense, the hackers did me a favour.

Now, this may not be the case for some of you; your pages are the way you connect with your followers, business associates, friends, and family, so here are some more ways you can secure your account and ensure that your details aren’t sold or distributed over the Internet: 

Create a strong password

Ideally, a strong password includes 14-16 characters minimum (letters, numbers, punctuation marks).  Please do not do 12345, as a password. You can use a password generator from a reliable source like LastPass, or 1password, which can also help create one for you.

To keep your information extra secure, make sure to update all your passwords regularly.

Activate Two-factor Authentication 

Two-factor authentication is a feature that adds an extra layer of security to your account. It does this by asking for a code when logging in to a new device. You can either receive a code via SMS or generate unique ones with a third-party authentication app. Instagram recommends using either Duo mobile or Google Authenticator.

To get started go to Settings > Security > Two-factor authentication > Select Text message or Select Authentication app.

Don’t Share your Personal Information with Anyone

Don’t give out any data to anyone – to be safe, that even includes friends or followers on Instagram.

Be wary of messages and emails 

Any messages or emails that require you to re-enter your account details for whatever reason should always be carefully inspected, and now, you have to be careful even if it is someone that you know.

Make sure to check the legitimacy of every email at Settings > Security > Emails from Instagram. 

If you do end up clicking on a link that redirects you to an Instagram login page, do not log in. Just to be safe, open instagram.com on a separate browser window and login through there or through your app.

Refrain from using bots (auto-follow services) 

We all want 1M followers, but it’s best to gain these followers and comments organically. So, I suggest staying away from using external services. It isn’t safe in terms of keeping your data secure.

Be careful when authorizing access

Sometimes, apps that we use ask us to authorize access to our photos, contacts, microphone, etc. Whenever you receive these requests, double-check to see that it’s from an app you use and not some suspicious app or website.

Well, that’s it! I wanted to share this information with you, because although this was not a big deal to me, it could be a big deal to you.