Despite Instagram’s popularity, what if it turns into a conduit for a dangerous scam? You may be unaware that your Instagram account is being accessed by a phishing scam. The Instagram DM scam that has been around since last year appears to be back. You may not even be aware that fraudsters are using phishing scams to gain access to your Instagram account.
In June 2021, the scam was first reported, and it is still active today. You end up handing over your login credentials to the fraudsters if you fall for it. This scam has also been warned about by several cybersecurity experts.
How this scam on Instagram happens
Fraudsters first post a link on Instagram with the caption “This took me 3 hours to make. I really hope you love it”. Sometimes the caption is accompanied by a story. According to the link preview, it appears to be an Instagram post. Upon clicking on the video, you will be directed to your Instagram account login page, where you can view whether or not you appear in it.
There is a pop-up message saying that you will not be able to view the post unless you log in to Instagram, and that’s when the scam begins. Following that, you are redirected to a fake Instagram login page that collects any data you enter. The website looks exactly like the original Instagram website and as soon as you enter your credentials, fraudsters take over your account.
Once you share your login credentials, a bot will distribute the same link to more Instagram users using your account. This makes it easy for fraudsters to use your credibility to lure your followers in.
How to know if a link is malicious
You can check whether a link you have received is safe or dangerous in a variety of ways, but the easiest way is to check the URL. You should always check whether a link on Instagram begins with HTTPS or HTTP. The HTTPS protocol is now used by almost all websites, including Instagram. Any page which claims to be Instagram but does not contain HTTPS in its URL can be malicious. HTTPS encrypts data using the SSL/TLS protocol.