Frauds on Instagram (Part 1)
I would love to call them Frauds instead of hackers because they are using cheap social engineering tricks to manipulate naïve people and taking over their account.
I’m damn sure that you all have encountered frauds over the internet. I have recently encountered one of the scenario which I would like to share with you guys! Probably it may help others to protect their social accounts in future.
I have been following this lady on Instagram as she is good with comedy related content. One night I received a message from the same lady asking me that if I’m receiving any spam messages on my cellphone from Instagram.
She has also shared a screenshot of reset password message from Instagram (Fraudster is trying to establish a connection: SYN packet of TCP ). I knew this lady on Instagram for long and that’s why I thought that probably some spammers are trying to reset her password. I asked her not to click on any of the links and ignore it.
After few days, again received a message from same account that she is still receiving those Instagram messages. This time the fraudster is pressurizing me to check if I’m receiving the same messages or not (Waiting for SYN+ACK)
Then something clicked in my mind! I checked my other number and I actually received the same message to reset my password. At this point of time I got to know that the account belongs to a fraudster, but how it is possible that a well established comedian turned into doing fraud like this. I checked her account and found links to her other accounts.
I visited her other accounts and there I saw one of her post where she mentioned that her main account has been hacked. Now, the complete story was clear to me.
I wanted to see what will happen if I convey that I have also received the reset password link. So replied back saying that I have also received the same message over my phone.
Now the real game starts! Earlier I thought that the fraudster will ask me to click on link but NO! he actually asked me to take a screenshot and share it with him. Carefully observe the next image! how naively he is asking me to share the screenshot of the link I have received.
Anyone on the Instagram can see your username and can request for password reset. The password link will be sent to your number/email and therefore the fraudster wants that link anyhow. They can go up to any extent in-order to make uh handover that link.
For Example: Again I received the message from same account and this time the excuse was different but the purpose remain same.
Few things you need to keep in your mind.
1- Never Ever click on the links sent by anyone over the internet.
2- Never ever share the links/OTP/SMS to anyone asking for the same.
3- Never ever blindly believe on your contacts, there is high probability that their account is already hacked.
4- Never ever put your emotions over your intelligence (Human error)
5- Always report the account which seems to be fraud.
