- Since October 2021, the Identity Theft Resource Center (ITRC) has seen a sharp increase in victims of Instagram account takeovers. Recently, criminals have been tricking victims into bitcoin scams.
- According to reports from the ITRC, scammers create Instagram posts about bitcoin investments to attract other users. Once someone clicks on the link, their money is gone and their Instagram credentials are compromised. Then, the victim is blocked from his Instagram account, and the account is used to post multiple links to fake bitcoin investments.
- To avoid bitcoin scam and a hacked Instagram account, never share your Instagram account credentials with anyone else. Protect your account with a strong password and two-factor authentication. If an Instagram post sounds too good to be true, it probably is.
- account gets hacked, check your email for a message from Instagram and request a login link, as well as a security or support code, from the social media company.
If your Instagram
The Identity Theft Resource Center (ITRC) received hundreds of requests each month regarding hacked Instagram accounts, four times the number of requests compared to a typical month. The ITRC believes that criminals are impersonating people listed on their victim’s contact list and stealing their personally identifiable information (PII). In some of the latest reports, Instagram accounts have been hacked due to bitcoin scams.
Who are the goals?
What is the scam?
According to reports to the ITRC, the “friend” of a victim (whose account was detected) posts on Instagram about how much money they earn by investing in Bitcoin. Once the victim shows interest, they are asked to make a video saying how much money they made. Then they are asked to give up their Instagram credentials and send money so that they can also be part of the investment. However, they are blocked from their account and their contact information is changed. The scammer then uses the compromised account to start posting on the bitcoin scam.
What they want
Identity criminals are looking for your money, as well as your Instagram credentials. According to Digital Shadows, the cost of a hacked Instagram account on the dark web is $45. For context, the price of a social security number (SSN) on the dark web is only $2.
How to avoid being scammed
- Never share your Instagram credentials with anyone else. As part of the bitcoin scam, scammers are trying to build trust with victims, talking about how much money you could make. While scammers can be persuasive, passwords, PINs, codes or any other type of sensitive information should never be shared with anyone.
- Use a strong and unique password. The ITRC encourages you to use a unique passphrase of more than 12 characters because it makes it harder for hackers to crack your account. Also, passphrases are easier to remember.
- Use multi-factor authentication (MFA) on your account. MFA gives you an extra layer of security, making it harder for criminals to hack your Instagram account. To use MFA on Instagram, go to “Settings“, “Security” and tap “Two-factor authentication”. Tap “Get Started” and select “Authenticator App” or “Text Message“. The ITRC suggests using an authenticator app because text messages can be spoofed.
- Make sure the email associated with your account is secure. A secure email account is an account that has security enhancements to provide added protection. If it’s not secure, it could make it much easier for hackers to access your account and any other accounts associated with that email. It’s also a good idea to protect your email with MFA.
- Ignore any offer on Instagram that seems too good to be true. If it sounds too good to be true, it probably is.
If your Instagram account
is hacked by a bitcoin scam, 1) check your email account for a message from Instagram, 2) request a login link from Instagram, and 3) request a security code or support from Instagram.