Beware of Instagram Influencer Scams: McAfee Labs Exposes New Threat

Instagram, a social media giant with over a billion users, has become a fertile ground for scammers and fraudsters. Leveraging the platform’s influencer program, these cybercriminals employ various deceptive tactics to hijack user accounts, steal personal information, and exploit individuals’ desire for social validation and financial gain.

McAfee Labs has issued a warning about a new scam targeting Instagram users, particularly those aspiring to become influencers. Cybercriminals are exploiting Instagram’s brand ambassador and influencer programs to hijack accounts and deceive users.

One of the most prevalent scams involves the Instagram influencer program, designed to connect content creators with brand partnerships. Unfortunately, this program’s allure has made it a prime target for exploitation.

Reset the Password token received in the Scammer’s email | Image: McAfee Labs

Brand Ambassador and Influencer Program Scams:

• Step 1: Account Hijacking: Scammers create dummy accounts to hack into legitimate Instagram accounts. Once in control, they start sharing posts about Bitcoin and other cryptocurrencies.
• Step 2: Exploiting Connections: The hacked accounts are then used to scam the target’s friends by requesting votes for a fake influencer contest.
• Step 3: Phishing Links: Scammers send a link via a Gmail email address, supposedly for voting, which directs the victim to an Instagram email update page instead of the promised voting page.

McAfee’s research reveals that the links in these voting requests often appear legitimate, but they lead victims to a page where they unwittingly enter the scammer’s email address.

McAfee Labs conducted an in-depth analysis to understand the mechanics of this scam. Here’s how it unfolds:

1. Phishing Email and Dummy Accounts: Scammers send phishing emails or messages from compromised accounts, directing targets to a seemingly harmless URL.
2. Email Update Trap: Victims are tricked into entering the scammer’s email address (e.g., “vvote8399@gmail.com”) instead of their own. This action initiates the process of replacing the victim’s email with the scammer’s on the Instagram account.
3. Confirmation Code Deception: Scammers then provide a confirmation code received in their email to the victim, who unknowingly completes the email update process.
4. Account Takeover: With the scammer’s email now linked to the Instagram account, they use the “forgot password” function to reset the password, effectively locking the real user out of their account.

The scammer took over the victim’s Instagram account. | Image: McAfee Labs

To protect yourself from falling victim to these scams, McAfee Labs recommends the following actions:

• Be wary of contests that seem too good to be true or request sensitive information.
• Verify the legitimacy of contests by checking the organizer’s authenticity and looking for official rules.
• Avoid clicking on suspicious links or providing personal information to unknown sources.
• Enable two-factor authentication (2FA) for added security.
• Report suspicious activity or accounts to Instagram.
• If a friend asks for your vote, contact them directly to confirm their account hasn’t been hacked.