Your Instagram profile can be hacked through a single message: how the new scam works
Scammers are increasingly using popular social networks to steal users' personal data. One of the new schemes involves sending messages about alleged blocking of Instagram accounts due to platform rule violations. Under the pretext of urgent page verification, attackers try to force users to follow fake links and provide their login credentials. The Ministry of Justice has urged Ukrainians to be cautious and not fall for such manipulations.
How the fake Instagram blocking scam works
Users may receive messages supposedly from Instagram support warning about violations of the social network's rules.
These messages state that to avoid account blocking, users need to follow a link and confirm their login details.
In reality, the link leads to a phishing site that may look like the official Instagram page. If the user enters their login and password there, this data immediately falls into the hands of scammers.
Having gained access to the account, attackers can change security settings, block the real owner, demand money for restoring access, or use the stolen account to spread fraudulent messages to other users.
How to recognize a scam message
The real Instagram support service does not send messages requesting confirmation of login details via private messages or email.
Official platform messages appear directly in the Instagram app, so any requests to enter login or password via external links should raise suspicion.
How to protect your account
Experts recommend:
- not following links from suspicious messages;
- not entering login and password on third-party sites;
- checking the website address before authorization;
- enabling two-factor authentication for additional account protection.
What to do if data has already been entered
If a user has already followed a suspicious link or entered their data on a third-party site, they should immediately change their account password and check security settings.
In case of fraud detection or attempted account takeover, it is also necessary to report the incident to the Cyber Police.
Users are urged to be cautious with any messages about account blocking and not to share their login details with third parties, even if the message looks official.
Subscribe to our Telegram channel t.me/sudua and to Google News SUD.UA, as well as to our VIBER and WhatsApp, our page on Facebook and on Instagram to stay updated on the most important events.
