Phishing has become major problem on Instagram as it is one of the main methods for hackers to access the personal information of social media users across different platforms.
Nadia Diab Caceres, public policy manager for Instagram in the Middle East and North Africa region, said,
“Phishing is one of the most common types of cyberattacks and it can take many forms – from fun quizzes about your favorite cereal brand to receiving direct messages claiming to be from Instagram about issues with your account.”
Instagram, in particular, has been one of the main targets of phishing attacks for a while now. In September, Romania’s cybersecurity incident response team warned about a targeted campaign against Instagram users in the county, and last year TrendMicro reported similar activity led by Turkish-speaking hackers preying on high-profile accounts on the social networking platform.
Diab Caceres said:
“Phishing on social platforms is an evolving issue that has been increasing in both frequency and sophistication.
“We are constantly evolving our safety and security features to protect our community from cyberattacks. We have strong defenses in our existing security tools and features, and we continue to upgrade these in line with the needs of the times.”
As part of its efforts to raise awareness and increase usage of its safety tools, Instagram has collaborated with influential content creators including Khaled Mokhtar, Amr Maskoun, Aly Osman, Adel Aladwani, and Mazen Yaseen.
Additionally, it is educating users on steps they can take to protect their accounts.
One such way is its new security check-up feature that guides users whose accounts may have been hacked through the steps needed to secure them, including checking login activity, reviewing profile information, confirming the accounts that share login information, and updating account recovery contact information such as phone number or email.
Another method users can take is to enable two-factor authentication, whereby they receive a notification or are asked to enter a special login code when someone tries logging into their account from a device the platform does not recognize.
Enabling login request is available to users setting up two-factor authentication on Instagram. Any login attempt from an unrecognized device or web browser triggers an alert showing details of the device that tried logging in and its location. Users can then approve or deny the request from their already logged-in devices.
A further safety step is to update phone numbers and emails. Instagram advises users to always keep the email and phone numbers associated with their device up to date, so the platform can reach them if something happens to their account, as well as aid the recovery process even when a hacker changes their information.
In addition, Instagram encourages users to report suspicious or spammy accounts and content to help the platform better combat attacks.
There has recently been an increase in malicious accounts direct messaging people to try and access sensitive information, such as account passwords, by falsely stating that the user account is at risk of being banned, that users are violating Instagram’s policies around intellectual property, or that their photos are being shared elsewhere.
Users are urged to report these accounts to Instagram which has stressed that it would never send a direct message to users and would only communicate through the emails from Instagram tab in settings.
News Source: Arab News