Not all phishing campaigns are created equal. Some are highly sophisticated, some less so. But, phishing is certainly prolific. According to Proofpoint’s 2019 ‘State of the Phish’ report, 83% of respondents experienced phishing attacks in 2018.
Recently, news outlets reported on a phishing campaign that used fake copyright infringement notices to target users with an email purporting to be from Instagram. In the email, the cyber criminals accused the recipient of violating copyright laws. In order to absolve themselves of the alleged infraction, recipients were directed to enter in their Instagram credentials. Upon doing so, they were then prompted to enter in their email account information – including email addresses and passwords. Ouch.
Fortunately, there are some simple and common sense steps the average person can take in order to stay safe. Says Entrust Chief Strategy Officer Peter Galvin:
This Instagram hack is the latest in a long line of cyber-theft scams. To protect your personal information, it’s important to be wary of any request for login credentials, particularly if it comes from social media.
Always check the originator of the email. In this case, you would find that ‘theinstagram.team’ is not the official email address. Never click the link if you are unsure, visit the site directly from your web browser. Above all, change your passwords frequently to limit your liability if a hacker should get hold of your information.