‘Ugly photos’ Instagram scam is hacking accounts. How it works & how to secure?

A new model of internet scam was recently reported affecting Instagram users. Multiple users have expressed concern about the possible hacking of their accounts after receiving a Direct Message (DM) from a user within their follower list. Users should keep in mind that if they receive a suspicious-looking message, even if it is sent by a close friend, it could be an attack attempt, so it’s worth taking a look at this information.

The attack involves hacking Instagram accounts when users enter their password on a third-party site. Once the attack operators take control of the account, they start sending DMs to the victim’s followers by mentioning things like “Have you seen what they’re doing with your photos?” followed by a link to an external site where hackers have placed a fake login window.

Upon entering this site, the victim’s monitor is riddled with pop-up ads, a clear sign that something is wrong. Finally, if users enter their login credentials on this fake page, this information will be sent to servers controlled by hackers, so their Instagram account could be completely exposed.

The number of users who have fallen into this trap continues to accumulate, so cybersecurity specialists strongly recommend resetting their passwords to enter this social network.

To change your Instagram password, just open the app and go to your profile page (tapping your profile picture in the bottom right corner). Now go to the options menu in the upper right corner and select “Settings”. 

Go to Security – Password. You will need to enter your old password to verify, and then enter your new keyword.

Users should also remember that using the same password on more than one website is a very bad idea, because if a hacker gets their Instagram passwords, for example, they could also access their Facebook account, email, Twitter and, in the worst cases, bank accounts or professional platforms, such as LinkedIn.

Although this article was crafted with victims of this kind of scams in mind, any user should reconsider resetting their Instagram password or any other social network, as this simple process could mitigate the scope of potential cybersecurity incidents.