A ‘blue’ verified badge against someone’s profile is lucrative and it is definitely something that you would wish if you are frequent on Instagram. Well, Instagram has its own rules and regulations on how it verifies an account and whatnot. Unfortunately, shortcuts can get you that luring blue verified badge has costed over 70,000 accounts that were recently hacked.
A group of Turkish hackers has popped up on the internet after high-profile accounts and influencers received emails stating that their Instagram profile is eligible to get verified. These phishing emails are said to be from ‘Instagram Verified Team’ that a research analytics firm Trend Micro, took to the internet for discussion.
Further, as the details about how it works go forwards, an attacker finds a high-profile account or influencer’s account with thousands of followers but no verified badge. Then, it sends out emails to the prospective influencers asking them to click on ‘Verify Account’ within the email asking them about their login credentials promising a coveted ‘blue’ badge in return.
However, once the unsuspecting user sends all the credentials, these hackers alter the password preventing the user from logging in. Further, they scrutinize the account for compromising content ranging from selfies, messages, or anything that can be used to extort money or ask for nude selfies or even videos in some cases.
Apparently, even if the user provides the said ransom, they won’t get their accounts back from the attackers. According to Trend Micro, people should be aware of such digital scam since Instagram would never ask for user’s credentials apart from login pages which are far more secure.
Trend Micro also suggested a few ways to zero-in to a phishing email such as if the fonts are dubious, logos are replaced by screenshots, abnormal activities across the accounts such as unwanted or suspicious followers, grammatical errors within the email body. One of the biggest giveaway to a phishing email is the email address or the website URL itself which would resemble much like the real deal but it will have some change or alteration diversifying it from the real deal.
If you ever feel suspicious about your account, kindly change the password and use two-factor authentication system is available to safeguard it.