DNSC is sending an extremely serious warning to Romanians all over the country, and this is because a new phishing campaign is in full swing, and it is taking place on the Instagram social network, more precisely through private messages, and below you have all the details.
"Users of the #Instagram social network have been targeted in recent days by a #phishing campaign that spreads through private messages, usually sent by compromised accounts.
The techniques used by attackers have also been used in the past on other platforms, such as #Facebook, #Snapchat or #WhatsApp. The main objective is to extract account credentials from potential victims.
The directorate issued an alert at the beginning of the year about a series of trap messages received by Facebook users, messages with the text 'look like you', 'appear in this video' or 'you are in the video', which were accompanied by a link that later redirect to a phishing site. Meanwhile, cybercriminals have 'moved' to Instagram.
This time, the messages received by users are not in Romanian, but in English, but it is not excluded that in the future cybercriminals will start sending such messages translated into Romanian. The text of the new message is as vague as the previous one, and its main purpose is to arouse the user's curiosity to make him click: 'Took me 2 hours to make it. I hope you love it' (It took me two hours to make it. I hope you like it)
At the same time, the link sent by the attackers also includes the username of the Instagram account corresponding to the recipient of that message, to generate even more confusion and curiosity. After clicking on that link, the user is redirected to a phishing page that looks similar to Instagram's login page, but with a totally different domain (.buzz, .xyz, etc).
If you receive such a message, do not click on it! This is a phishing message that tries to steal your Instagram account. Later, after your account is compromised, such trap massages will be automatically broadcast to your followers.
If your Instagram account has been targeted and you have received such a message from an unknown account, immediately report the account that sent the message as a scam.
If the message comes from a known account, then we recommend that you contact that person, on a communication channel other than Instagram, to provide them with the necessary recommendations to secure the account. Our tips are available below.
If you clicked on that link, did not pay attention to the address of the site you visited and provided the authentication data, the Directorate team recommends that you:
1. Change your Instagram account password immediately and enable 2-step authentication (2FA)
2. Check the locations where the account is authenticated in the Settings – Login Activity section. Remove sessions from areas you don't recognize.
3. Make sure that no permissions have been granted to third-party apps from Instagram. Navigate to the Settings category, then go to the Security section. Here at the bottom of the menu you will notice a new section, 'Apps and webistes'. Here you will be able to see which apps are still active that have access to your Instagram account. Remove apps you don't recognize or that you think are suspicious."
