There’s a new Instagram hacking trick in town, be aware of it

People use Instagram to influence others with their creativity. Instagram is one of the largest platforms which enable users to act freely in their own created space. Nowadays, People tend to rely more on the social media platform for all sorts of tasks. Some use it to search for trending clothes whereas others use to look for good nearby restaurants. The social media platform has a very strong impact on the life of its users but the major issue that any user doesn’t want to face is the invasion of its privacy. People trust these social apps because they offer complete privacy in return.

Hackers use Instagram Fake login emails

Recently, Sophos uncovered a new strategy used by hackers to access user’s login information. Now, these hackers use two-factor authentication (2Fa) codes to make the scam look more real. These hackers send messages and emails to people that look like they’re sent from the Instagram itself or from someone they might know. Hackers use this phishing trick to engage potential victims into sharing their personal information through the fake websites shared by these hackers.

Hackers use a well-crafted email template to send a fake Instagram login alert to users stating that someone tried to log in to the target victim’s account and asking them to confirm their identity by signing into a linked page sent along with the message.

Detailed insight into this new hacking trick

Hackers shares random authentication codes in the emails to make it look more legitimate. These messages look closer to the real messages from the official website but if take a look at it in detail you might find some blunders.

Firstly in the fake message, you’ll notice some punctuation errors and missing space before the word ‘please’ but usually, you might ignore it as it doesn’t look much suspicious. The hackers also use a code to add the effect of authentication for identity confirmation to make it look more real for the potential victims. A 2FA code means you don’t have to enter your login details and instead you can simply verify by clicking the mentioned link.



When an email phishing victim clicks on the mentioned link and lands on the landing page, a fake Instagram login page can be seen with a valid HTTPS certificate and a padlock as well to make it look as real as possible. There is one small loophole in all of this; if you take a look at the domain of the site you might notice that it is .CF domain instead of Instagram.com. This shows that one tiny detail that can help you not become another victim of phishing.




Steps to take after the hacker hacks your account

Hackers always come up with new strategies to fool people into sharing their personal information. So, this is neither the first nor it will be the last but if you think someone else has access to your account and is sending messages to your followers you should first check the information of email address and phone number on your account.

• Go to your profile and select the option of Edit Profile, then select the button to check the email address and phone number associated with your account. If the information is swapped by hackers, try entering your correct information. After this step, simply change your account’s password and logout of all the devices. Then log in again and regain control of your Instagram account.

• To be safer, try enabling two-factor authentication for your Instagram account.

• If however, you lose the control of your account simply report it to Instagram with all the details proving your authenticity by sharing your email address, phone number or sharing information regarding the type of device you used when you signed up.

Read next: Instagram is expected to be a platform full of advertisements and no one is questioning it at all
Previous Post Next Post