Recently, a fake Instagram email successfully bypassed Google's email filters and made it into hundreds of employee inboxes used by a prominent US life insurance company based in New York. This was revealed in a report by Armorblox, a cybersecurity company specializing in stopping business email compromise (BEC) campaigns. According to its threat research team, the spoofed email originated from "lnstagram Support" with the email address, The "l" you see in "Instagram" is actually a small letter "L".

![instagram support instagram support](https://petapixel.com/assets/uploads/2015/06/instagram7.jpg)

It wouldn't have been obvious, if not for Gmail automatically setting the first letter of a sender's name in caps, as you can see from the screenshot below.

Clearly, threat actors have layered their campaign with a number of known fraud tactics, one of which is using a homoglyph (or homograph), making this a good example of a homograph attack as well.

A homograph attack is a method of deception where threat actors take advantage of how certain character scripts look the same. In this case, a small "L" looks the same as a big "i".

![instagram support instagram support](https://littwebsite.files.wordpress.com/2021/03/ig-live-rooms-1.png)

The fake "Instagram Support" email that appeared to have targeted employees of a New York-based insurance firm.

The initial scam email reads in full: FROM: Lnstagram Support SUBJECT: Instagram Support MESSAGE BODY: You have been reported for sharing fake content in your membership.

![instagram support instagram support](https://www.iclarified.com/images/news/51645/244146/244146.jpg)

and approved by us. You must Verify your membership. If You Can't Verify Within 24 Hours Your membership will be permanently deleted from our servers. You can continue by pressing the Verify button to verify your membership.

The phishing email tells the recipient that their Instagram account has been reported for spreading fake or false information, which nowadays is not unheard of and is considered a serious breach of Instagram's Terms of Service. The scammers then push the recipient to verify their "membership" within 24 hours, or else their Instagram account will be deleted. Incorporating a sense of urgency is a scam red flag because it aims to get users to act first and think later, when it's too late.

Clicking the verify button takes users to a Google Sites page instead of the actual Instagram page, another red flag. Here, users are then asked for their credentials as a requirement for verification. Note that the rhetoric has now shifted from the victim being a fake news proponent to a copyright law-breaker. The phishing site also offers up some fraudulent text that can make the whole process feel more official.

The text from the phishing site is as follows: We have received numerous complaints that you violated our copyright laws regarding your account. If you do not give us feedback, your account will be removed within 24 hours. If you think this is wrong, please verify your information below. We ask for this information because we cannot verify that you are the real owner of your account.

Be on the lookout, dear Reader, for this or similar campaigns that might land in your work inbox in the future.
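The homograph trick described above can be caught on the receiving side by folding look-alike characters before comparing a sender's display name against brand names. This is an added example, not code from the original article or from Armorblox; the confusables map, the brand watch list and the function names are small constructed assumptions.

```python
import unicodedata

# Constructed, deliberately small confusables map (an assumption for this
# example); production code would use the full Unicode confusables data.
CONFUSABLES = str.maketrans({
    "l": "i", "1": "i", "|": "i",   # Latin look-alikes of "I" / "i"
    "0": "o",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0456": "i",  # Cyrillic
})

PROTECTED_BRANDS = ["instagram"]  # assumed watch list


def skeleton(text):
    """Fold text so that visually similar characters compare equal."""
    text = unicodedata.normalize("NFKC", text).casefold()
    return text.translate(CONFUSABLES)


def lookalike_brand(display_name, brands=PROTECTED_BRANDS):
    """Return the brand a display name imitates, or None.

    A name is flagged when it matches a brand only after look-alike
    folding, i.e. it resembles the brand without actually spelling it.
    """
    plain = unicodedata.normalize("NFKC", display_name).casefold()
    folded = skeleton(display_name)
    for brand in brands:
        if skeleton(brand) in folded and brand not in plain:
            return brand
    return None


if __name__ == "__main__":
    # Constructed sample display names, including the one from the article.
    for name in ["Lnstagram Support", "Instagram Support",
                 "Inst\u0430gram Help", "Telegram Support"]:
        print(f"{name!r:24} -> {lookalike_brand(name)}")
```

A display name that spells the brand correctly is not flagged here, so this check complements sender-domain and authentication checks rather than replacing them.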