The Top 5 Common Scam Models On Instagram.
Instagram is one of the most popular social networks. In fact, with more than 1 billion monthly active users, it is one of the four most popular social platforms in the world. However, these numbers also attract cybercriminals such as bees to honey, which they see in such a large number of users as potential targets of attack.
In this article we will describe some of the more common scam models that you can probably come across when browsing your feed and connecting with other users through direct messages.
Phishing
Phishing, as old as the Internet itself, is a type of scam that cybercriminals often resort to and reuse over and over again. Simply put, the ultimate goal of a phishing attack is to trick you into stealing your personal information and login credentials. This information is then used in various illegal activities, such as identity theft or sale in clandestine markets on the dark web.
The most common strategies used by phishing attacks include evoking a sense of urgency by sending fraudulent emails claiming that an unauthorized person may have logged into your account. The email usually includes a fake password reset link. Once the user clicks they will be directed to a fake Instagram login page that will collect their credentials and allow scammers to access their account. Alternatively, criminals can hint that you are in trouble due to a copyright violation and that you need to clarify the situation. To do this, you will need to click on a link and fill out a form. However, if you do, you will be redirected to another fake login page. It is worth clarifying that phishing is not limited only to emails; Sometimes scammers will try to impersonate an Instagram support agent and contact you through direct messages.
To avoid being a victim of phishing, pay attention to certain elements that often give us a clue that it may be a false message, such as grammatical errors or the use of generic greetings instead of personalized ones. Another item to consider is the sender’s email address; If it is not related to an official email address, it is most likely a scam.
Cloned account attack
While browsing Instagram looking for the account of a celebrity or sports team that you want to follow, chances are you have come across several accounts that pose as official, but are not. Keep in mind that attacks that seek to clone Instagram accounts are not limited to just popular actors, singers, or athletes. Cybercriminals can also clone common Instagram user accounts. They will then go on to impersonate the people behind the accounts they cloned and try to communicate with their friends and followers.
In this instance, the attackers will make potential victims believe that the legitimate account they cloned has been stolen and that the “cybercriminals” have cleaned the bank accounts of the account owner. Another alternative that criminals often resort to is claiming that account owners are going through a tough time financially. With a little social engineering and luck, many victims fall for the scam and lose their money believing they are helping a friend or family member.
And if you think that this scam is unlikely to happen and that people will hardly be able to fall for it, you are sadly mistaken. ESET security specialist Jake Moore conducted an experiment and proved the viability of the scam by cloning his own Instagram account . The quickest way to check if you have been contacted from a cloned account is to contact that person through an alternative method, such as a phone call. To keep your own accounts safe it is recommended to set your profile as private, as well as to set certain limits on who you allow to follow.
The verified account scam
Speaking of cloned accounts, another thing to be aware of is verification tick scams. In short, if you see a blue check mark next to an account name, be it a celebrity, influencer, or brand, it means it’s real. “At its core, verification is people’s way of ensuring that the featured accounts they are following or looking for are who they claim to be. It’s a way for people to know which accounts are authentic and remarkable, ”the Instagram description of its verification process reads .
Being verified basically also means that you have a large following and that you are influential to some degree within your community. This also opens the doors to various opportunities, such as monetizing content through endorsement deals with various brands that might offer you to showcase their products. And the convenience of that coveted check mark is exactly what scammers are betting on. The scam is relatively straightforward: the scammer will contact you, probably via direct message, offering you the verification tick for a fee. However, if you pay, the only thing that will be verified is the fact that you became a victim of a scam.
The easiest way to avoid being scammed is to keep in mind that the only means of obtaining account verification is through Instagram , complying with the requirements it sets and following its official application process. Keep in mind that the social platform constantly monitors for malicious actors, and if it finds that an account got verified through alternative methods, it will quickly take action.
Romantic scams
While most people associate romance scams with online dating apps , these types of scams can also occur on social media like Instagram. To do this, the scammer needs to play long-term and gain the trust of potential victims.
Usually this will involve courting for a long time. This relationship will likely start when the attacker likes the victim’s posts, comments on them, and finally sends them a direct message. Once the scammer believes that he has gained the trust of his victim, he will begin to ask for money using as an excuse a medical emergency or the need for financial assistance to finance a flight that allows them to see each other in person. It is safe to say that the money that criminals receive will be wasted on things that have nothing to do with the trip.
Romance scams should not be taken lightly. In 2020 the losses reported by this type of fraud reached an impressive figure of US $ 304 million according to the US Federal Trade Commission, and that figure represents only the cases that were reported in the US Fortunately, there are several ways to detect these types of scammers who try to woo their victims to steal their money. If your new partner seems too good to be true, do a reverse search of their photos in Google Image Search to find out if they really are who they say they are. If they keep rescheduling or looking for excuses not to see each other in person, you should be suspicious and ask about their reasons.Another telltale sign is if they try to dodge video calls, as this can reveal that they look nothing like your profile picture.
Dubious sellers
Beyond allowing users to follow acquaintances, celebrities and influencers to view their content, Instagram also allows brands to advertise their products and even functions as a store. Over time, you may see more and more ads appearing offering products from supposedly new or about to open fashion brands, or ads for brands that are going through a closing sale.
However, not all ads can be taken at face value and some of them can turn into outright scams. That’s where your curiosity and sense of alertness come into play. If you’ve never heard of the brand or provider, this doesn’t necessarily mean you’re dealing with a scam; but it should serve to invite you to carry out the corresponding investigation. Ads may try to sell you high-quality products at rock-bottom prices; and that should make you suspicious. And if you take a risk to buy something, you might not get it at all, get a substandard product, or get something you didn’t even order.
Do a Google search, look for reviews on the vendors and the products they offer, and see if anything comes up. It is highly unlikely that you will find anything directly on their site as they can moderate comments, but victims of these types of scams will not be slow to share their negative experiences on popular review sites and forums. It is also recommended that you be on the lookout for fake reviews. They are often riddled with spelling errors and will try to contradict negative reviews, and will likely describe the company and its products in superlative terms.
In summary
Social networks try to moderate their platforms and keep them as clean as possible, however, it is still difficult to crack down on scammers who are determined to deceive victims in search of sensitive data and their money. What we can highlight as positive about this scenario is that all these disappointments can be detected a mile away just by maintaining a healthy dose of doubt and staying alert.
Therefore, the best advice is the one that has been repeated countless times: do not trust blindly and always verify. Beware of unsolicited emails, if something seems out of place do your research, and if something seems too good to be true, it is most likely a scam.
