Instagram users have become the target of a new phishing campaign that uses login attempt warnings and content resembling two-factor authentication (2FA) codes to make the scam more credible. Scammers use phishing, backed by various social engineering techniques, to trick potential victims into passing sensitive information to fraudulent websites they control, and so steal user information.
In this case, the phishing emails distributed by the attackers behind this campaign used fake Instagram login alerts stating that someone was trying to log in to the target account, and asked the recipient to confirm their identity through the login page linked in the message. To strengthen the illusion of an official Instagram alert, the scammers also added a code presented as a second authentication code for identity verification. On reaching the phisher’s landing page, the target sees a perfectly cloned Instagram login page that is protected with a valid HTTPS certificate and displays a green padlock to alleviate any doubts the user has about the transaction. The certificate and padlock show only that the connection to the site is encrypted, not that the site belongs to Instagram.
Recently, hackers were found to have embarked on a massive phishing campaign on Instagram to trick Russian entrepreneurs by promising them a substantial amount of money to start their business. The fraudsters mostly promote the scam through advertisements delivered on Instagram. Researchers found 2 relevant phishing websites; both had valid digital certificates and claimed to be “official resources” of the Russian Ministry of Economic Development. Once a victim opens one of these websites, the site says it needs to “check” whether the victim is eligible for funding. The victim is then required to pay 300 rubles for the electronic application fee. Beyond the registration fee, information such as the victim's phone number and payment card details (name, number, CVV code) is taken by the hackers on the checkout page. According to the report, more than 200,000 people have received the message since the campaign started.