No account on social media is too secured to be hacked even the accounts of the founders of social media sites are preys, the best way to stay safe is to stay updated with the new techniques and gimmick used by this hackers and scammers.
A new report has made it known that a new scam is out on popular Facebook owned Photo sharing site, Instagram, through which account users can get their accounts hacked.
According to a the report by Sophos, a computer security firm, it has issued warning to users as it claims that hackers are at this time spreading a scam that falsely tells users that they are violating the Instagram copyright laws.
Sophos revealed the new scam is that a user would get a copyright infringement email or a message coming from Instagram that they may permanently or temporarily deactivate your account, this will then lure the users to click on link which leads to them becoming a part of the scam.
The website shared a screen shot showing the false message of copyright infringement comes with an ‘Instagram’ logo on top followed by a text message saying ‘We’ve detected contents in your account that will violate copyright laws. Your account will be deactivated within 48 hours unless you provide feedback. As Instagram, we respect copyrights and take care to
protect copyrights.’ This message is followed by a button that says ‘Appeal’.
To make it look more legit, the message in the browser shows the URL starting with https://instagram.copyrightinfringementappeal… However, as explained by Sophos, if you get the right to use a domain such as example.com, you can also create subdomains such as www.example.com, anytext.youlike.example.com or even instagram.copyrightinfringementappeal.example.com And since the URL is so long, it doesn’t show the full link on the address bar of the phone. Because the user just sees nothing more than “https://instagram.copyrightinfringement…” he/she believes it to be a legit message from Instagram. Once you click, the next web page asks to give your username, birth date and the password to make sure it’s you. These boxes will now give hackers the information as you feed it. Once you feed the information, the page shows a ‘bogus’ web page showing the loading animation followed by a green tick with a message ‘Your copyright objection notice has been submitted. You will be contacted by email after 24 hours.’ After this, the users will be navigated to the real Instagram login page.
How does the real Instagram remove the content?
When Instagram wants to notify you that a content you shared has been removed, users get a notification from Instagram featuring the name and the email address of the person who reported the post. If users think the content shouldn’t be removed, they can follow up with them to resolve the issue.
One can also tap on the URL and see the entire link to check if its a legit link or not. Users can also check the email sender’s address before clicking the link to be sure it is indeed and Instagram link.