How to Spot the Instagram Copyright Infringement Scam
Much like a virus, hackers and phishers are constantly evolving to stay alive. The Instagram copyright infringement scam is the latest proof.
They will do whatever they can to convince you to fork over your valuable account credentials. Scaring you into believing you’ve infringed on copyright is just their latest attempt to trick you.
Let’s take a look at this growing phenomenon and see what you can do to protect yourself.
The Basics of the Instagram Copyright Infringement Scam
Hackers have gotten greedy with this scam. Not only do they try to get your Instagram credentials, but they try to snag your email login info as well.
Like most phishing scams, it always starts with an official-looking email:
It’s phishing at its best. The scammers immediately get you into your emotions by making you think you’re in trouble. That usually inhibits your ability to think critically or at least inspect the email.
It looks legit, but if you take a closer look, something is off.
It was sent from an email address ending in “@theinstagram.team.” Why wouldn’t they use an email connected directly to Instagram.com? Because they’re imposters.
But since you may now be afraid of getting your account shut down, you don’t look that closely and click on the ‘verify account’ icon. To add urgency, the email usually states that you only have 24 or 48 hours to verify your account.
Once you click forward, you’re sent to another convincing phishing page that lets you ‘appeal’ the infringement notice. To make it look even more official, the hackers offer you various language choices, none of which work (except English).
To appeal this fake notice, you have to log in to your Instagram account.
According to Kaspersky, you’re then asked to ‘verify your feedback’ and ‘check if your e-mail account matches the Instagram account.’
Spoiler alert: they then ask for your email login information.
Who Are They Targeting and How Can You Protect Yourself?
It appears as though these phishers are mainly targeting influencers and celebrities for now. That’s likely because their sensitive information is more valuable on the Dark Web.
But these types of phishing emails have traditionally been sent to all kinds of users, no matter their level of fame.
Luckily, there are steps you can take to secure your Instagram account.
You definitely want to enable two-factor authentication for your account. This way, even if a hacker obtains your login credentials, they still won’t be able to access your account. To set up 2FA, click on ‘settings’ > ‘security’ > ‘two-factor authentication’ and choose the type of 2FA you’d like to use.
Always use a strong, varied password for your accounts.
Remove access to third-party applications.
And, of course, never click on suspicious links. If you get an email from an app like Instagram asking for your login credentials, an alarm should be blaring in your head.
Scan emails for suspicious details, and if you do click into a website, check the URL to make sure it’s the official site you think you’re at. After all, in most phishing cases, the hackers can only can as much access as you allow them.
Featured image by TY Lim via Shutterstock.com