Scams have existed probably as long as the human species has existed. You know there were probably cavemen grunting about the wonderful medicinal benefits of Woolly Mammoth bones while trading them in for edible berries or a well-crafted spear.
Fast forward to our recent human history where scammers dupe folks with bogus mail campaigns and cold calling get-rich-quick-schemes and now with social media scams, like the "Look what I did with your Instagram pics" DMs con.
If you receive a personal message on IG where a stranger (or even a compromised friend's account) promises something cool they've done for you, out of the blue, with a link, chances are that link leads directly to a site that's riddled with malware, sniffers, and a litany of other viruses that'll compromise your device and maybe even your social media account for good.
If you get a "Look what I did with your Instagram pics" message, don't click any link.
If you click on the link, there's a chance you could lose your account, and there's a variety of different ways this can happen depending on how complex the "hacker" or bot wants to get.
The easiest way for someone to gain access to your Instagram account, and how most phishing scams work, is to hoodwink users into handing over their username and password credentials to a complete stranger.
In some instances, the link will redirect users to a page where they'll be prompted to "log in" to IG. It might look identical to IG's own initial login page, and whatever you do: DO NOT SUPPLY YOUR USERNAME AND PASSWORD.
It's a phishing attempt, plain and simple. Folks will take over your account and attempt to blackmail you, or use your username and password for your other accounts in an attempt to completely hijack your online identity.
Be on the lookout for these other Instagram scams.
Sometimes, especially if you have a decent number of followers, "businesses" will present opportunities to "collab" with you by sending you either products for free at your home or place of work. Again, these are all attempts at mining personal information. Your full name, home address, all of this info is stored which can then be used in an attempt to open credit cards or bank accounts in your name, etc. They're all ruses for identity theft.
The "you review, you keep scam" is unfortunately popular.
This is another popular scam that's been making the rounds all over the web and, again, they often take place in DMs. This scam usually promises early access to consumer tech products that haven't been released yet, like the Playstation 5 or an upcoming iPhone model.
The focal point of these scams is getting your money. Either by purchasing a $20 "tech guide" on how to properly review the product they're going to send you. Or a $10 a month recurring charge to your debit account that said scammer hopes slips your mind so they can get $10 from you every 30 days or so without actually ever delivering said product to your home.
I keep seeing orgs get pwn3d by #criminals. So I'm offering a free (no sales bullshit) attack surface review to UK registerd charities. Please friends if you can share, I just want to help people! #cyber #security #help #charity #freehttps://t.co/sqbtyDXFMl pic.twitter.com/7eZYgRdRa7— mRr3b00t @ secret base (@UK_Daniel_Card) May 12, 2020
Here's how to protect yourself, your Instagram account, and other online profiles from said scams.
Obviously, don't ever give money to these strange folks who are DM'ing you, but if you are worried about someone getting a hold of your account credentials, the best way to go about making sure they never log in to your accounts and change around your info is to enable dual-factor authentication.
Most apps, especially major ones, offer this option. Enable it. Just do it. Sure, it's annoying to have to verify your account through an app or text message login code from your phone, but if your account ever is compromised, unless someone has access to your phone, they won't be able to get into your account even if they have your password.
So stay safe online and remember: just say NO to Instagram DM scams.