Professional content creators on Instagram or influencers are being targeted by hackers through a sophisticated phishing scam. According to the security firm Naked Security by Sophos, cybercriminals are using fake copyright infringement notices as bait for Instagram creators. In some cases, these copyright notices sent via mail or directly in the app even look like official notices with almost no signs of grammatical or spelling errors. The copyright notice that hackers sent tricks users that there’s an easy way to “prove” your “innocence” by providing a link to object to the “complaint.” These users are further tricked into providing their password that ultimately compromises their online security.
ALSO READ: Government Warning: New Diavol Virus Spreading Through Email To Steal Your Money
In a blog post, security researcher Paul Ducklin notes, “While we hope that you’d spot an email scam of this sort right away, we have to admit that some of the copyright phishes we’ve received in recent weeks are much more believable – and better spelled, and more grammatical – than many of the examples we’ve written about before.”
What is a phishing scam, and why should Instagram creators worry
To put it simply, phishing scams essentially trick users to reveal sensitive information via fraudulent messages, fake login pages, and shady software and apps. Any sensitive information such as email, date of birth, location, and phone number can be used in dubious ways by hackers. If the password is compromised, chances are that other social media accounts are also vulnerable as people often use the same passwords. Hackers often ask for ransom for compromised accounts. Instagram influencers often have their email ID attached to their profiles, making them more prone to getting scam emails highlighting copyright infringement.
How hackers are using Instagram copyright scam
As per screenshots, the security firm highlights that Instagram creators are receiving a message on their account that reads, “Hello, XX
We recently received a complaint about a post on your Instagram. Your post has been reported as infringing copyright.
Your account will be removed if no objection is made to the copyrighted work. If you think this determination is incorrect, please fill out the objection form from the link below .”
At the bottom, there’s an ‘appeal’ button that leads these creators to a new page. Here Instagram creators can get another button at the bottom that says ‘go to appeal form.’ The next page tricks users to enter the account password.
ALSO READ: World Economic Forum Warns Cyber Risks Add to Climate Threat
“The website then pretends you made an error typing in your password and tells you to try again, presumably as a simple way for the crooks to discard login attempts where a user clearly just bashed out any old garbage on the keyboard to see what happened next,” the post notes.
However, the process may work successfully in the next attempt and users are redirected to a new page that makes the whole ‘appeal’ part legitimate.
What should Instagram creators do immediately
The security firm claims that users should be thoroughly aware of their content and learn in advance how to handle Instagram copyright complaints, “so you know the procedure before you need to follow it.” It is also important to check the URL as the full name such as Instagram, or Facebook is often missing. If you are unaware of copyright notices on Instagram, it always helps to contact other creators or influencers who’ve dealt with this before. Secondly, one must immediately start using 2-Factor-Authentication (2FA) to add an extra layer of protection. Check out this link to learn how to use this security method.
Read all the Latest News, Breaking News and Coronavirus News here.