{"id":16595,"date":"2019-10-15T09:10:02","date_gmt":"2019-10-15T17:10:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/10\/15\/news-10334\/"},"modified":"2019-10-15T09:10:02","modified_gmt":"2019-10-15T17:10:02","slug":"news-10334","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/10\/15\/news-10334\/","title":{"rendered":"Instagram clamps down on fake messages with anti-phishing tool"},"content":{"rendered":"<p><strong>Credit to Author: Christopher Boyd| Date: Tue, 15 Oct 2019 15:51:50 +0000<\/strong><\/p>\n<p>Instagram accounts will always be a popular target for scammers. You might not think it\u2019s a big deal if someone has their account swiped, but it\u2019s often the vanguard of many online businesses. A takeover, or a deletion, can be <a href=\"https:\/\/www.bbc.co.uk\/news\/business-49397038\" target=\"_blank\" rel=\"noopener noreferrer\">absolutely devastating<\/a>.<\/p>\n<p>Smart hacking crews are always in the background, waiting to see what they can get away with\u2014and it\u2019s not just the public-facing account at risk, but <a href=\"https:\/\/www.independent.co.uk\/life-style\/gadgets-and-tech\/instagram-cyber-attack-hack-celebrities-selena-gomez-justine-bieber-millions-ordinary-social-media-a7926211.html\" target=\"_blank\" rel=\"noopener noreferrer\">personal data behind the scenes, too<\/a>.<\/p>\n<p>To combat these attacks, quite a few security additions have been made to Instagram over the years. Now, with the introduction of the &#8220;Emails from Instagram&#8221; anti-phishing tool, one<span class=\"Apple-converted-space\">\u00a0<\/span>more inroad for scammers has been made significantly harder to bypass.<\/p>\n<h3>The great anti-phishing divide<\/h3>\n<p>\u201cEmails from Instagram\u201d will <a href=\"https:\/\/www.theverge.com\/2019\/10\/8\/20904233\/instagram-anti-phishing-feature-emails-security\" target=\"_blank\" rel=\"noopener noreferrer\">make it much clearer<\/a> if a message is actually from the social media platform or a scammer. Once you receive the update, messages will be split between \u201cMails from Instagram\u201d and \u201cOther.\u201d<\/p>\n<p>Anything sent your way from Instagram will be in the former; everything else will be in the latter. Scammers pretending to be your social network of choice is a classic slice of <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/08\/social-engineering-attacks-what-makes-you-susceptible\/\" target=\"_blank\" rel=\"noopener noreferrer\">social engineering<\/a>, and the anti-phishing tool will hopefully go a long way to shutting down Instagram-centric attacks of this nature.<\/p>\n<h3>Instagram tricks of the trade<\/h3>\n<p>Whether locked down or not, there\u2019s a huge swathe of Instagram scams to steer clear of, and sadly the platform will never be rid of them. Here\u2019s some of the most common, sneaky, and downright clever attacks. Most, if not all of these, will be in circulation somewhere.<span class=\"Apple-converted-space\"> I<\/span>t\u2019s up to us to give them as wide a berth as possible.<\/p>\n<ul>\n<li><strong>Fake viral boosting apps<\/strong>: You\u2019ll come across fake apps both on official app stores and also floating around in the wild. They\u2019ll usually claim to boost your likes, visibility, follower count, and more. What they actually do is take the username\/password combination you punched in and <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/04\/instagram-password-stealing-apps-found-on-google-play\/\" target=\"_blank\" rel=\"noopener noreferrer\">send them back to base<\/a>. From there, your account is entirely at the mercy of the hijackers. It could be sold on, given away for free, used to spam, or just plain trolled until Instagram shuts it down.<\/li>\n<li><strong>Exploiting cool features to push spam<\/strong>: Instagram stories are a neat way to quickly express thoughts with a small video clip or some looping images. If your account was compromised, you might find your latest story sending mutual contacts to <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/05\/instagram-story-spam-claims-free-apple-watch\/\" target=\"_blank\" rel=\"noopener noreferrer\">spam and dubious sign-up forms<\/a>.<\/li>\n<li><strong>Bogus profiles<\/strong>: The never-ending world of free video game offers comes back to haunt us, via many a compromised and purpose-built account. The method may not be as fancy as an Instagram story, but <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2016\/09\/free-console-games-on-instagram-not-exactly\/\" target=\"_blank\" rel=\"noopener noreferrer\">the end result is the same<\/a>. Quite a few of these bogus game offer accounts tend to be <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2015\/11\/nice-instagram-shame-about-the-code-generator\/\" target=\"_blank\" rel=\"noopener noreferrer\">designed quite nicely, too<\/a>.<\/li>\n<li><strong>The \u201cWho is watching you \/ what are they up to\u201d scam<\/strong>: A wheeze around since the days of Myspace, seeing what your friends are up to or wondering who lands on your profile is another perennial favourite with scammers. In this case, they prey on people\u2019s insecurities with their relationships. Are they cheating on you? <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2015\/09\/this-instagram-account-preys-on-your-trust-issues\/\" target=\"_blank\" rel=\"noopener noreferrer\">Find out via bogus messages and dubious third-party websites<\/a> asking for mobile numbers.<\/li>\n<li><strong>Casting bait outside Instagram<\/strong>: Not all scams originate from inside the Instagram walls. Quite often it begins in utterly unrelated comment sections, culminating with <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2015\/08\/instagram-follower-booster-leads-to-sms-browser-extension-pup\/\" target=\"_blank\" rel=\"noopener noreferrer\">third-party browser extension installs<\/a>. Standalone image viewer\/downloading tools are also <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2014\/05\/more-pups-sighted-using-instagram-as-lure\/\" target=\"_blank\" rel=\"noopener noreferrer\">popular ways<\/a> to install potentially unwanted programs on a system.<\/li>\n<li><strong>Viral hoaxes<\/strong>: Never has \u201cIt belongs in a museum\u201d been more appropriate, but panicked requests to repost something lest accounts be deleted\/hackers take over the world <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2014\/12\/january-1st-instagram-profile-deletion-hoax\/\" target=\"_blank\" rel=\"noopener noreferrer\">never, ever go out of fashion.<\/a><\/li>\n<li><strong>The major event bandwagon<\/strong>: You can guarantee anytime a holiday or major event takes place, scammers will be there plying their bogus wares. Soccer is a <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2014\/06\/fake-ea-instagram-account-has-world-cup-fever\/\" target=\"_blank\" rel=\"noopener noreferrer\">big target for this<\/a>, as are high-profile sporting events in general.<\/li>\n<\/ul>\n<h3>Some additional help<\/h3>\n<p>Instagram has a lot of advice with regards to account security. If your account has been compromised, there\u2019s <a href=\"https:\/\/help.instagram.com\/368191326593075\" target=\"_blank\" rel=\"noopener noreferrer\">multiple directions you can go in<\/a> depending on situation. Impersonation? They <a href=\"https:\/\/help.instagram.com\/446663175382270\/?helpref=hc_fnav&amp;bc%255b0%255d=Instagram%2520Help&amp;bc%255b1%255d=Privacy%2520and%2520Safety%2520Center&amp;bc%255b2%255d=Report%2520Something\" target=\"_blank\" rel=\"noopener noreferrer\">have that covered, too<\/a>. They also have <a href=\"https:\/\/help.instagram.com\/377830165708421\/?helpref=hc_fnav&amp;bc%255b0%255d=368390626577968&amp;bc%255b1%255d=285881641526716\" target=\"_blank\" rel=\"noopener noreferrer\">more general security tips<\/a>, and a generous amount of additional links which can be found in the Privacy and Safety Center dropdown menu. Two factor authentication is <a href=\"https:\/\/help.instagram.com\/566810106808145\" target=\"_blank\" rel=\"noopener noreferrer\">also on offer<\/a>, should you want to make use of it\u2014we strongly suggest that you do whenever possible.<\/p>\n<p>Launching an anti-phishing tool is an interesting move by Instagram, and one we hope to see on other sites. It won\u2019t magically solve the problem of imitation Instagram messages, but it should go some way to making a large dent in their ability to convince potential victims to click a bogus link.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/social-engineering\/2019\/10\/instagram-clamps-down-on-fake-messages-with-anti-phishing-tool\/\">Instagram clamps down on fake messages with anti-phishing tool<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/social-engineering\/2019\/10\/instagram-clamps-down-on-fake-messages-with-anti-phishing-tool\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Christopher Boyd| Date: Tue, 15 Oct 2019 15:51:50 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/social-engineering\/2019\/10\/instagram-clamps-down-on-fake-messages-with-anti-phishing-tool\/' title='Instagram clamps down on fake messages with anti-phishing tool'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2019\/10\/shutterstock_702210526.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>We take a look at a new anti-phishing feature Instagram hopes will cut down on imitation messages and other social engineering attempts.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/social-engineering\/\" rel=\"category tag\">Social engineering<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/anti-phishing\/\" rel=\"tag\">anti-phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/anti-phishing-tool\/\" rel=\"tag\">anti-phishing tool<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/email\/\" rel=\"tag\">email<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/emails-from-instagram\/\" rel=\"tag\">emails from instagram<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/instagram\/\" rel=\"tag\">Instagram<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/mail\/\" rel=\"tag\">mail<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/malicious-email\/\" rel=\"tag\">malicious email<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/malspam\/\" rel=\"tag\">malspam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing\/\" rel=\"tag\">phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing-scams\/\" rel=\"tag\">phishing scams<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/safety\/\" rel=\"tag\">safety<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/scams\/\" rel=\"tag\">scams<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/social-engineering\/\" rel=\"tag\">Social Engineering<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/social-engineering-attacks\/\" rel=\"tag\">social engineering attacks<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/social-media-scams\/\" rel=\"tag\">social media scams<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/social-engineering\/2019\/10\/instagram-clamps-down-on-fake-messages-with-anti-phishing-tool\/' title='Instagram clamps down on fake messages with anti-phishing tool'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/social-engineering\/2019\/10\/instagram-clamps-down-on-fake-messages-with-anti-phishing-tool\/\">Instagram clamps down on fake messages with anti-phishing tool<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[18778,23210,11222,23211,2143,16802,22948,11928,3924,23212,713,10574,10510,19116,23213],"class_list":["post-16595","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-anti-phishing","tag-anti-phishing-tool","tag-email","tag-emails-from-instagram","tag-instagram","tag-mail","tag-malicious-email","tag-malspam","tag-phishing","tag-phishing-scams","tag-safety","tag-scams","tag-social-engineering","tag-social-engineering-attacks","tag-social-media-scams"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16595","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16595"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16595\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16595"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16595"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16595"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}