WARNING - Instagram hacking

I got a message on IG this morning from Catchlight:

Hey 👋 how are you doing,hope I’m not bothering you I need your help 😞😭🙏Xx

Ignored it and messaged him on here.

B17fan I'll block your old one and follow your new one.

Yeah, the "need your help" ones often turn out to be attempts to gain access to your account. What they do is claim they can't get into their account and can't receive a recovery code. They ask you to follow a link (or other steps), supposedly so that you'll receive the code on behalf of them. But of course it'll actually be for your account, not theirs.

Oh, and they'll sometimes have a user name that sounds like it is model- or photography related, presumably to make you think they're someone in the industry, and hence legitimate.

Lee River . Mine was from a model I followed supposedly needing me to copy & send a link to vote for them in a competition. As I wasnt clicking on a link I thought I was safe!

BRT Photography said

If anyone hasn't activated 2FA on their accounts, I would definitely recommend doing so, lets you get notified if anyone is trying to access your account with the right password. Can't get into your account if they don't have your phone :D

Not necessarily true, I'm afraid. There is an increasingly popular hack known as "SIM-swap fraud". In a nutshell, the hacker cons your phone provider into transferring your phone number to a new SIM in the hacker's possession. ATM it's mostly used to capture banking details, access Paypal accounts with 2FA etc. But it can just as easily be redeployed for other nefarious purposes...

https://www.which.co.uk/news/article/sim-swap-fraud-how-criminals-hijack-your-number-to-get-into-your-bank-accounts-aEzeh1P6N6Z8#

Edited by waist.it

I thought IG sent you an email saying your password had changed, which then allows you to reset it if you say it wasn't you that changed it.

BRT Photography said

If anyone hasn't activated 2FA on their accounts, I would definitely recommend doing so, lets you get notified if anyone is trying to access your account with the right password. Can't get into your account if they don't have your phone :D

2FA won't help in this case, nor will changing your passwords.

How it works is this: 

• The hacker goes to your account and clicks "forgot password";
• Meta sends your 'phone a web link to reset your password;
• You screenshot the link to the hacker;
• The hacker copies the link into their browser and can then change your password.

That's why you don't need to click on anything for the hack to work.  Clever, and like a lot of clever things, very simple.

The only way to defeat this is never respond to a request to screenshot anything unless you are absolutely 100% sure who you are dealing with.

Was hacked ages ago, managed to recover as original register email was still active.

Change email address and go to 2FA ASAP, it helps, but doesn't stop the most determined.

Has taken a while to get to my 2.5k followers, so would be annoyed if happened again. But would just start again...

I was actually in the middle of a convo about a shoot with Ayla when her insta was hacked...

Edited by BigBaldTone

Gothic Image said

BRT Photography said

If anyone hasn't activated 2FA on their accounts, I would definitely recommend doing so, lets you get notified if anyone is trying to access your account with the right password. Can't get into your account if they don't have your phone :D

2FA won't help in this case, nor will changing your passwords.

How it works is this: 

• The hacker goes to your account and clicks "forgot password";
• Meta sends your 'phone a web link to reset your password;
• You screenshot the link to the hacker;
• The hacker copies the link into their browser and can then change your password.

That's why you don't need to click on anything for the hack to work.  Clever, and like a lot of clever things, very simple.

The only way to defeat this is never respond to a request to screenshot anything unless you are absolutely 100% sure who you are dealing with.

Thankyou, I was fretting over how they were doing it so i do feel more at ease now as Im sure others reading this are too 

Yes I was just saying this morning to Retro Rob about all the hacked accounts and he also has had a fake account that he’s been trying to get shut down for months and Insta have done nothing despite multiple people reporting.

Anyone received a follow this person?  https://instagram.com/grace_aldrich_hanson_?igshid=YmMyMTA2M2Y= 

I followed back, and she has been DMing me several times, volunteering lots of personal info regarding her age, location, relationship status etc, and requesting the same from me. I have ignored her for now. 

Thelema said

Gothic Image said

How it works is this: 

• The hacker goes to your account and clicks "forgot password";
• Meta sends your 'phone a web link to reset your password;
• You screenshot the link to the hacker;
• The hacker copies the link into their browser and can then change your password.

That's why you don't need to click on anything for the hack to work.  Clever, and like a lot of clever things, very simple.

The only way to defeat this is never respond to a request to screenshot anything unless you are absolutely 100% sure who you are dealing with.

Thankyou, I was fretting over how they were doing it so i do feel more at ease now as Im sure others reading this are too 

It took a while to figure out - the key is persuading the victim to believe why they are receiving a (genuine) link from Instagram.

M e l a n y said

Yes I was just saying this morning to Retro Rob about all the hacked accounts and he also has had a fake account that he’s been trying to get shut down for months and Insta have done nothing despite multiple people reporting.

Instagram are the absolute worst with this sort of thing. 

Thelema totally agreed and don’t get me started on the nipple issue 😆 I can live without it as I get all my bookings through here not insta so would just shutdown if I needed to but it’s a shame that insta doesn’t take better care of it’s account holders.

M e l a n y said

Thelema totally agreed and don’t get me started on the nipple issue 😆 I can live without it as I get all my bookings through here not insta so would just shutdown if I needed to but it’s a shame that insta doesn’t take better care of it’s account holders.

the attitude towards nipples is a joke