Someone hacked my Instagram account through WhatsApp — Here's what I learned from it
- An unnamed Turkish hacker group is using WhatsApp to launch a massive “Phishing attack” in India.
- A WhatsApp message saying “Your Instagram account will be taken down in the next 24 hours due to copyright infringement” is leading users to enter their account credentials.
- Once the account is hacked, there’s no way to report it to Instagram.
- Here's a first-hand account of what happened on that day and what I learned from it.
Before I begin narrating the whole incident, I want to ensure that the reader of this story is aware of the technical terms used in the text to follow. So, first and foremost, you should know what is a
What is a phishing attack?
A phishing attack starts with a fraudulent email, instant message or any other communication that is designed to lure a victim into clicking a link placed very strategically in the message. The message is designed so that it appears to have come from a trusted sender. The victim is often lured into providing sensitive information such as login credentials or bank account details.
In this case, the users are asked to provide the Instagram password. What makes matters worse is that there is no way to report the hack to Instagram.
How did it actually happen?
I received a message from an unknown number on my WhatsApp at around 3 am. The sender had done really well to ensure that I didn't doubt their identity by using the Instagram logo as the profile picture.
I was asked to click on a link sent on WhatsApp and then I was presented with a form, which already had the relevant email ID pre-filled and it asked for the password.
As soon as I filled in the password and the form was submitted, an Instagram lookalike screen appeared affirming that they’ll get a response within 24 hours.
The hackers ensured a smooth user experience while filling up the form. The interface had been designed in a way so that there is never a doubt in my mind until the hack is complete.
After a few minutes, I was logged out of my account and the linked email ID was changed. There was no way for me to claim the account back. I tried searching Instagram help docs but couldn't find anything worth trying. It kept pointing to some cryptic reporting mechanism, which according to me doesn't exist.
Level 2 damage
Armed with my Instagram ID and password, the hackers then moved on to taking control of my Gmail too, but failed due to an additional security layer. The 2-step authentication wasn’t enabled on my Gmail until this attack.
Still, Gmail managed to block the hacker who was trying to log in from a new location and saved further damage.
However, it’s interesting to note that the link that Instagram had provided in the email to “secure the account” was going to a 404 and thus was of no help. There’s no clarity on the duration for which the link stays functional.
There’s no clear way of reporting the hack to Instagram as there’s no support email ID provided on the website and the help docs talk about some reporting mechanism that doesn’t exist.
There’s a way to report it through the app but that won’t work once the infiltrator has changed all the related information. The support ID firstname.lastname@example.org was not working and Facebook replied saying that the ID is no longer functional and that I'm required to go to help.instagram.com to help myself.
The same hacker group attempted to get into the account again today. I received another message after I changed the number on my account.
Here's what I learned about Internet and online data security, and how you can save yourself from similar and other phishing attacks:
- Don’t click on random emails/text messages/Instant messages without verifying the identity of the sender.
- Secure your Instagram account with 2-factor authentication. It adds an additional layer of security and in most cases, a non-penetrable one.
- Look for the padlock when you visit a website to know more about the organization and to understand whether the URL is safe to visit.
- Look out for and identify common phishing language, such as “Verify your account” or “Secure your account”.
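
The checks in the list above can be automated for a received message. The following is an added example, not part of the original post: it flags the lure phrases quoted in this story and tests whether each link's host really belongs to Instagram, which an HTTPS padlock alone does not tell you. The `OFFICIAL_DOMAINS` allowlist, the function names and both sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains the reader treats as genuinely Instagram's.
OFFICIAL_DOMAINS = {"instagram.com"}

# Phrases taken from the message and the advice in this post.
LURE_PHRASES = (
    "verify your account",
    "secure your account",
    "copyright infringement",
    "next 24 hours",
)

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def is_official_host(host):
    """True only for an official domain or a real subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def triage(message):
    """Return a list of reasons the message looks like credential phishing."""
    reasons = []
    lowered = message.lower()
    for phrase in LURE_PHRASES:
        if phrase in lowered:
            reasons.append(f"lure phrase: {phrase}")
    for url in URL_RE.findall(message):
        parts = urlsplit(url)
        host = parts.hostname  # ignores any "user@" prefix in the link
        if not is_official_host(host):
            reasons.append(f"link host is not Instagram: {host}")
        elif parts.scheme.lower() != "https":
            reasons.append(f"link is not HTTPS: {url}")
    return reasons


# Constructed samples; the lookalike host is a made-up placeholder.
PHISH = ("Your Instagram account will be taken down in the next 24 hours "
         "due to copyright infringement. Appeal: "
         "https://instagram.com.help-appeal.example/form?email=me@example.org")
GENUINE = "Read the policy at https://help.instagram.com/ before appealing."

if __name__ == "__main__":
    for text in (PHISH, GENUINE):
        print(triage(text) or "no phishing indicators")
```

The host comparison is an exact or dot-suffix match, so a name that merely contains "instagram.com" as a prefix or substring is still reported, even when the link is served over HTTPS.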