Many Instagram Users Facing Account Hacks And Modified Recovery Emails

Social media hacks are not new – we regularly hear of various instances where people lose access to their Facebook, Twitter, or other accounts. Even in the case of Instagram, we frequently hear about different celebrities suffering from account compromise. This time, it is not about one or two accounts. Rather a massive campaign affecting numerous Instagram users. What’s more upsetting for those affected is that the hackers have also been changing account recovery emails.

Instagram Users Face Bizarre Account Hacks

Reportedly, Instagram users are facing immense frustration as a massive hacking campaign seems to be taking over the platform. Numerous Instagram users have lost access to their account. According to a report by Mashable, almost all the accounts suffer similar hacking patterns. At first, the user gets logged out of the account. Then, when the user tries to log in again, he or she finds an amended email address with a ‘.ru’ extension as the recovery email.

Moreover, the user also notices that their accounts display different profile pictures and information. In short, they see a complete overhaul of their accounts.

The number of hacks has increased exponentially this month. Hundreds of users have reported such hacks on their Twitter and Reddit accounts, though oddly Instagram denies this increase;

“Though Instagram, which has more than 1 billion users, says it hasn’t seen an uptick in hacks, a search of Twitter data suggests otherwise. Twitters users have directed approximately 798 tweets to Instagram’s official account with the word “hack” since the beginning of the month, compared with about 40 tweets during the same period in July.”

Furthermore, according to the report by Talkwalker, around 899 Twitters accounts have tweeted 5,000 times regarding Instagram hacks in the previous week. Anyone can check the growing frequency of Tweets posting about Instagram hacks with a quick search.

The addition of ‘.ru’ extension hints towards the possibility of Russian involvment. However, one should not be too quick to point the finger.

Any Methods To Prevent Such Hacks?

A quick look at Instagram’s help link will highlight that they have developed a strategy to deal with account hacks. Some of their suggestions are just the usual ones we regularly hear, such as setting up strong passwords, no sharing of account’s credentials, setting up two-factor authentication, and revoking third parties.  However, none of these strategies seemingly work for the kind of hacks that are occurring at the moment.

Chris Woznicki’s account hack is an example of this. Woznicki had 2FA activated on his Instagram account. Yet, he lost his account 10 days ago. He was unable to recover it owing to the change of recovery email address.

Instagram users get locked out owing to modified recovery emails with .ru extension. (Source: Mashable)

Regarding support from Instagram, Chris Woznicki said,

“When I reported it, they sent an automated email which told me to log in and change the password. However, at this point, it was impossible to do that.”

Likewise, many other Instagram users are also facing similar troubles as they cannot recover their accounts. They contacted Instagram authorities via emails as well but got no noteworthy support.

An Instagram spokesperson, said they help the affected users with a remediation process to restore their accounts.

“When we become aware of an account that has been compromised, we shut off access to the account and the people who’ve been affected are put through a remediation process so they can reset their password and take other necessary steps to secure their accounts.”

Though one user claims successful recovery of her Instagram through this process, she calls it “extremely stressful”. This might be a reason why users are deciding to create new accounts rather than go through the stress of recovering the old one.

Let us know your thoughts in the comments section.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients