Thursday, November 21, 2024

Instagram scam, this is how they steal users from verified profiles

The cyber criminals They do not miss any opportunities that allow them to defraud people, so they are willing to use prosperity in Social mediasuch as Instagram, to find their victims.

Cyber ​​security specialists have revealed that criminals are conducting surveillance work Instagram To identify potential prey.

Instagram methodology

According to the information, they are monitoring comments on Features of Instagram approved financial entities or companies.

Cybersecurity firm ESET reports that they expect a user to make a comment or go to a bank for help. In this way, they are able to identify users who are interested in receiving assistance through the profile of the bank or company.

Upon seeing this, they immediately contact you via direct messages pretending to be a customer service representative. In order to get your personal information, log into your bank account and withdraw your money.

So they committed fraud

“These days we learned of a case of someone who was about to go on vacation and they tried to deceive her and get her access keys to your online bank account.

The cybersecurity firm said the victim, a day before travelling, received a legitimate email from the airline, in which he was notified that the flight would be rescheduled for a day afterward.

Faced with this situation, she decided to reach out to the company and left a comment on a post on the official Instagram account in the hope that they could help her and answer some questions due to the last minute change of her journey.

Through the scraping tool, which allows monitoring of comments and activity for a specific profile, the scammers found the person who left a question in the official account of the airline and sent him a message directly from a fake profile, asking for a number on WhatsApp. To communicate and provide “help”.

See also  OTB Group (Maison Margiela, Marni...) collaborates with the blockchain consortium LVMH, Prada Group and Cartier.

The message sent to the victim contains the basic characteristics of the message generated by the bot. Although the legitimate company profile picture itself exists, the message was sent by an unverified profile.

The victim, in her desperation, did not notice that the account was suspicious because it had not been verified despite the legend “official” in her username, so she shared her number.

After a few minutes they called him via A WhatsApp Business It looked like a typical customer service call center. The victim explained what had happened and the phony actor said they would take care of the expenses she would lose and deposit the money into her account.

However, instead of asking for the standardized bank code, they asked for the document number. They’ve also brought up the security questions you’ve set up in case you need to regain access to your bank account.

trap

At that time and in the rush to get this compensation, the victim fell into the trap and gave statements. The scammers were trying to gain access to her bank account while the victim thought she was talking to a legitimate agent and receiving compensation.

However, he acted quickly and the criminals were unable to gain access to the account. But this confirms that this way of working has been done before. Therefore, it is important that users do not disclose their concerns in public comments.

Also, make sure to contact verified profiles, and be suspicious if they look weird with just a few posts. Also consider spelling errors and do not give private information that does not match the request.

See also  COP 26: Boris Johnson faces the risk of a missed date

Latest news
Related news