Heads up, Instagram users! Hackers are out to steal your login credentials. Reportedly, an Instagram phishing campaign is in the wild that tricks users with fake login alerts.
Instagram Phishing Campaign Exploiting Login Alerts
According to Paul Ducklin of Sophos, a dedicated phishing campaign is going around targeting Instagram users. This campaign exploits the account login alerts that users receive when someone attempts to sign in to their accounts.
As described in his blog post, this phishing attack begins with emails that spoof Instagram login alerts. The email fools users by presenting a code, giving it the feel of two-factor authentication.
Describing the content of this email, Ducklin stated:
“Apart from a few punctuation errors and the missing space before the word ‘Please’, this message is clean, clear and low-key enough not to raise instant alarm bells. The use of what looks like a 2FA code is a neat touch.”
When the recipient clicks the sign-in link, the actual phishing website opens. The page convincingly imitates the Instagram account sign-in screen. However, it has an obviously fake domain ending with ‘.cf’, enough to suggest its maliciousness. Apart from that domain blunder, the attackers have also taken care to serve the site over HTTPS to add a sense of genuineness.
Thus, a user who does not check the URL is likely to fall prey to this phishing attack and end up surrendering their credentials to the hackers.
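The URL check described above can be automated on the receiving side. The following is an added example, not code from the original article or from Sophos; the trusted-domain list, the function names and the sample message with its made-up placeholder-domain.cf host are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the only registered domain a genuine sign-in link should use.
TRUSTED_DOMAINS = ("instagram.com",)
BRAND = "instagram"
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def classify_host(host):
    """Judge a hostname on its registered domain, never on the scheme."""
    host = host.lower().rstrip(".")
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return "trusted"
    if BRAND in host:
        return "lookalike"  # brand name present, but under someone else's domain
    return "untrusted"


def audit_links(body):
    """Return (url, scheme, host, verdict) for every link in an email body."""
    findings = []
    for raw in URL_RE.findall(body):
        url = raw.rstrip(".,;)")  # drop trailing sentence punctuation
        parts = urlsplit(url)
        host = parts.hostname or ""
        findings.append((url, parts.scheme, host, classify_host(host)))
    return findings


# Constructed sample, not the real message; placeholder-domain.cf is made up.
SAMPLE_ALERT = """\
Someone tried to log in to your Instagram account.
Sign in: https://instagram.com.placeholder-domain.cf/accounts/login
Help: https://help.instagram.com/
Unsubscribe: http://placeholder-domain.cf/u?id=1
"""

if __name__ == "__main__":
    for url, scheme, host, verdict in audit_links(SAMPLE_ALERT):
        print(f"{verdict:10} {scheme:5} {host}")
```

The first sample link uses HTTPS and still comes back as a lookalike, because the verdict depends only on the domain the hostname ends with.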
Stay Wary Of Phishing
As always, this phishing campaign aims to prey on users who do not pay much attention to email security. We have recently reported a few similar scams that evade email gateways to reach a user’s inbox. Therefore, one should not trust every email that arrives in their mailbox, particularly when it contains URLs or attachments.