If you ever receive a direct message on Instagram informing you that copyright infringement has been detected in your photos, beware: it may actually be a cleverly disguised phishing scam.
@thenorthfacechile is a verified account with over 151,000 followers, and Google’s history shows that it previously had at least 1,098 public posts. It’s set to private now, and given that it’s sending out phishing messages, it appears that the account may have fallen victim to hackers who are now using it to scam.
“A copyright violation has been detected in a post on your account,” the message to Day stated. “If you think copyright infringement is wrong, you should provide feedback. Otherwise, your account will be closed without 24 hours.”
The message directs the recipient to visit the URL instagramhelpnotice.com to “provide feedback.” Clicking through brings you to a page that may look (upon first glance) like an official Instagram page — especially when viewed on a mobile device.
The first two steps ask you to log into your account by entering your username and then your password.
If you do provide a username and password, the next step is likely the scammer’s true target: your email address.
While Instagram accounts may not contain too much sensitive and exploitable information, many people may use the same passwords for both their Instagram and primary email accounts. Email accounts are targeted not only for the sensitive info found in their emails but also because they’re widely used for identity verification when recovering passwords for all kinds of other accounts and services.
If you provide an email address in the final step of this scam, you get redirected back to Instagram’s homepage as if nothing had happened… except your Instagram username, password, and email address are now in a scammer’s hands.
As is common in many kinds of scams, this copyright infringement scam is littered with spelling and grammar mistakes throughout the various steps, so always be on the lookout for that. And never log into any site that looks like an official page but isn’t hosted at the official domain name (which in this case would be instagram.com).
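The official-domain check described above can be automated, for example in a filter that inspects links in incoming messages. The following is an added example, not code from Instagram or from the original article; the function name and the sample URLs are constructed for illustration (only `instagram.com` and `instagramhelpnotice.com` come from the article).

```python
from urllib.parse import urlsplit

OFFICIAL_DOMAIN = "instagram.com"  # the official domain named in the article


def is_official_host(url: str, official: str = OFFICIAL_DOMAIN) -> bool:
    """True only if the URL's host is the official domain or a subdomain of it."""
    # Browsers treat "\" like "/", urllib does not; reject rather than guess.
    if "\\" in url or any(c.isspace() for c in url):
        return False
    if "://" not in url:
        url = "https://" + url  # messages often carry a bare hostname
    try:
        # .hostname drops any "user@" prefix and port, and lowercases the name
        host = (urlsplit(url).hostname or "").rstrip(".")
        # Normalise to ASCII so look-alike Unicode letters cannot match
        host = host.encode("idna").decode("ascii")
    except ValueError:  # malformed URL or invalid hostname label
        return False
    # Exact match or a true subdomain; a shared prefix is not enough
    return host == official or host.endswith("." + official)


# Constructed sample links (the phishing host is the one quoted in the article)
SAMPLES = [
    "https://www.instagram.com/",
    "help.instagram.com",
    "https://INSTAGRAM.com./",
    "instagramhelpnotice.com",
    "https://instagram.com@instagramhelpnotice.com/",
    "https://instagram.com.instagramhelpnotice.com/",
    "https://instagramhelpnotice.com\\.instagram.com/",
]


def classify(urls):
    """Map each URL to 'official' or 'suspicious'."""
    return {u: "official" if is_official_host(u) else "suspicious" for u in urls}


if __name__ == "__main__":
    for link, verdict in classify(SAMPLES).items():
        print(f"{verdict:10} {link}")
```

A name that merely begins with or contains "instagram" fails the check; only the registered domain at the end of the hostname counts.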
Stay alert and you can (hopefully) avoid falling victim to these scammers.