In this clever new scam, con artists are getting greedy. Not only are they trying to steal your Instagram password, they also are phishing for your email log-in. Follow these tips for spotting this tricky scam and protecting your passwords.
How The Scam Works
You receive an official-seeming email from Instagram. According to the message, you have violated copyright laws, and your account will be deleted within 24 hours. But don’t worry! If you think that Instagram has made a mistake, all you need to do is click the button and “verify” your account. Then, you are taken to a website that prompts you to input your Instagram credentials. Most scams would end there, but not this one!
Immediately, another message appears. This pop-up claims that you must also verify your email address. You’ll see a list of e-mail providers. Choose yours, and you’ll be urged to enter your email address and password. As a final touch, the scam site redirects to the real Instagram website, a trick that “lends additional credibility to the scam,” explains Kaspersky.
How To Spot These Scams:
- Double check the “from” email address and link destinations. Hover over any links in an email you receive to see where the link really leads. Suspicious links are one of the main giveaways of email scams. Also, make sure the “from” address is actually from the business it claims to be.
- Understand how businesses handle communications. If you know how a company handles disputes and suspicious activity with your account, it will be easier to spot a scam. Will they email you? Call? Send a text message?
- Look into the claims. Don’t act without first verifying the claims. Log into your account or look up the company’s official phone number (check your bill or welcome email) and call them to confirm that there really is a case of suspicious activity associated with your account before you decide what to do.
- Don’t panic and don’t feel intimidated. Scammers want you to panic. They may use intimidation tactics, such as claiming your account will be shut down in 24 hours, to pressure you into giving up your personal information or making payments. Legitimate businesses will not intimidate you in this way. Stay calm and think things through before you act.